path: root/security/suricata/files/suricata.in
blob: a3bed3557e60ef5a57da932d93b9bd50f3623544 (plain)
#!/bin/sh

# PROVIDE: suricata
# REQUIRE: DAEMON
# BEFORE: LOGIN
# KEYWORD: shutdown

# Add the following lines to /etc/rc.conf to enable suricata:
# suricata_enable (bool):	Set to YES to enable suricata
# 				Default: NO
# suricata_flags (str):		Extra flags passed to suricata
#				Default: -D
# suricata_interface (str):	Network interface(s) to sniff in pcap mode;
#				if empty, netmap or divert (Inline Mode) is used
#				Default: ""
# suricata_conf (str):		Suricata configuration file
#				Default: ${PREFIX}/etc/suricata/suricata.yaml
# suricata_divertport (int):	Port to create divert socket (Inline Mode)
#				Default: 8000
# suricata_netmap (str):	Set to YES to enable netmap (Inline Mode)
#				Default: NO
# suricata_user (str):		Set the user to run suricata as
#				Default: root
# suricata_pidfile (str):	Pidfile to store pid of suricata process
#				Default: /var/run/suricata.pid

# Pull in the rc.subr framework; load_rc_config, run_rc_command and the
# info helper called later in this script are not defined in this file.
. /etc/rc.subr

name=suricata
rcvar="${name}_enable"

# Hook that rc.subr runs just before starting the daemon.
start_precmd=suricata_prestart
# %%PREFIX%% looks like a build-time placeholder for the install prefix.
command='%%PREFIX%%/bin/suricata'

# Read the suricata_* settings the administrator put in rc.conf.
load_rc_config "$name"

# Fill in a default for every knob that rc.conf left unset or empty.
: "${suricata_enable:=NO}"
: "${suricata_conf:=%%PREFIX%%/etc/suricata/suricata.yaml}"
: "${suricata_flags:=-D}"
: "${suricata_divertport:=8000}"
: "${suricata_netmap:=NO}"
# NOTE(review): the default account is root, so the sensor keeps full
# privileges unless rc.conf names a dedicated user. /var/run is normally
# writable by root only, so changing the user presumably also requires a
# suricata_pidfile the new account can write -- confirm before switching.
: "${suricata_user:=root}"
: "${suricata_pidfile:=/var/run/suricata.pid}"

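# Choose the capture mode from rc.conf. Precedence: pcap on the listed
# interfaces, then netmap, then inline mode on a divert socket.
if [ -n "$suricata_interface" ]; then
	# Passive sniffing: one --pcap flag per interface. The expansion is left
	# unquoted on purpose so a space-separated list splits into words.
	for interface in $suricata_interface; do
		suricata_flags="$suricata_flags --pcap=$interface"
	done
else
	# Read suricata_netmap like other rc.conf booleans. An exact comparison
	# with "NO" would turn netmap on for "no", "off", "false" or "0", leaving
	# the sensor in a capture mode the administrator did not ask for.
	# Any other value keeps enabling netmap, as before.
	case "$suricata_netmap" in
	[Nn][Oo]|[Ff][Aa][Ll][Ss][Ee]|[Oo][Ff][Ff]|0)
		# Neither an interface nor netmap was requested: fall back to
		# inline mode and log it, since this changes how traffic is handled.
		suricata_flags="$suricata_flags -d $suricata_divertport"
		info "Inline Mode on divert port $suricata_divertport (suricata_interface not defined)"
		;;
	*)
		suricata_flags="$suricata_flags --netmap"
		;;
	esac
fi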

# Use one pidfile path for both the rc script ($pidfile) and the daemon
# (--pidfile), so status checks and the daemon agree on the location.
pidfile="${suricata_pidfile}"
suricata_flags="${suricata_flags} --pidfile ${pidfile}"

# Point suricata at its YAML configuration when a path is configured.
if [ -n "${suricata_conf}" ]; then
	suricata_flags="${suricata_flags} -c ${suricata_conf}"
fi

# Pre-start hook: when the status check reports that suricata is not
# running, remove any pidfile left behind by an earlier instance.
# Globals: pidfile (read)
# Returns: 0 when the service is running, otherwise the status of rm
suricata_prestart()
{
	run_rc_command status > /dev/null || rm -f "$pidfile"
}

# Hand the action given as the first argument to rc.subr, which works from
# the name, command, pidfile and suricata_flags values set earlier.
run_rc_command "$1"