fc750d9a9d
Suricata is a free and open source, mature, fast and robust network threat detection engine. The Suricata engine is capable of real time intrusion detection (IDS), inline intrusion prevention (IPS), network security monitoring (NSM) and offline pcap processing. https://suricata-ids.org Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
#!/bin/sh
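# Daemon name. It also selects the binary under /usr/bin, the pid file
# under /var/run and the override file under /etc/default.
DAEMON=suricata
PIDFILE=/var/run/$DAEMON.pid

# Default command line: configuration file and capture interface.
SURICATA_ARGS="-c /etc/suricata/suricata.yaml -i eth0"

# Signal sent by reload(). Suricata reloads its rules on SIGUSR2. The
# previous default of 0 is the null signal, which only checks that the
# process exists: reload printed OK while the engine kept running the old
# rule set.
SURICATA_RELOAD=USR2

# Optional site overrides for the variables above. The file is sourced,
# i.e. executed as shell code with the privileges of this init script, so
# it should be owned by root and not writable by anyone else.
# shellcheck source=/dev/null
if [ -r "/etc/default/$DAEMON" ]; then
	. "/etc/default/$DAEMON"
fi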
# Launch suricata in the background through start-stop-daemon.
# Globals:  DAEMON, PIDFILE, SURICATA_ARGS (read), status (written)
# Outputs:  "Starting <daemon>: OK" or "... FAIL" on stdout
# Returns:  the exit status of start-stop-daemon
start() {
	printf 'Starting %s: ' "$DAEMON"
	# Log directory is created on a best-effort basis; its result is not
	# part of the reported status.
	mkdir -p /var/log/suricata
	# -b backgrounds the daemon and -m writes the pid file on its behalf.
	# NOTE(review): with -b the status seen here is start-stop-daemon's own;
	# presumably a suricata that exits shortly afterwards (e.g. on a bad
	# configuration) is still reported as OK - confirm against the log.
	# shellcheck disable=SC2086 # SURICATA_ARGS is split into words on purpose
	if start-stop-daemon -b -m -S -q -p "$PIDFILE" -x "/usr/bin/$DAEMON" \
		-- $SURICATA_ARGS; then
		status=0
		echo "OK"
	else
		# In the else branch $? still holds the status of the condition.
		status=$?
		echo "FAIL"
	fi
	return "$status"
}
# Stop the process recorded in the pid file.
# Globals:  DAEMON, PIDFILE (read), status (written)
# Outputs:  "Stopping <daemon>: OK" or "... FAIL" on stdout
# Returns:  the exit status of start-stop-daemon
stop() {
	printf 'Stopping %s: ' "$DAEMON"
	start-stop-daemon -K -q -p "$PIDFILE"
	status=$?
	case "$status" in
		0)
			# The pid file is removed only after a successful kill, so a
			# failed stop leaves it in place.
			rm -f "$PIDFILE"
			echo "OK"
			;;
		*)
			echo "FAIL"
			;;
	esac
	return "$status"
}
# Stop the daemon, wait one second, then start it again.
# Returns:  the status of start; the result of stop is not checked, so a
#           daemon that was not running is simply started.
restart() {
	stop
	sleep 1
	start
	return "$?"
}
# Signal the running suricata so that it reloads its rules (suricata does
# this on SIGUSR2).
# Globals:  DAEMON, PIDFILE, SURICATA_RELOAD (read), status (written)
# Outputs:  "Reloading <daemon>: OK" or "... FAIL" on stdout
# Returns:  the exit status of start-stop-daemon
# NOTE(review): the signal sent is whatever SURICATA_RELOAD holds. 0 is the
# null signal (existence check only), so with that value this prints OK
# although no rule reload was requested.
reload() {
	printf 'Reloading %s: ' "$DAEMON"
	start-stop-daemon -K -s "$SURICATA_RELOAD" -q -p "$PIDFILE"
	status=$?
	# OK only means the signal was delivered, not that the new rules loaded.
	if [ "$status" -ne 0 ]; then
		echo "FAIL"
	else
		echo "OK"
	fi
	return "$status"
}
# Dispatch on the first argument. Only the four known actions reach a
# function call; any other value prints the usage line and exits 1, so the
# argument itself is never executed unfiltered.
case "$1" in
	start)
		start
		;;
	stop)
		stop
		;;
	restart)
		restart
		;;
	reload)
		reload
		;;
	*)
		echo "Usage: $0 {start|stop|restart|reload}"
		exit 1
		;;
esac