blob: a3bed3557e60ef5a57da932d93b9bd50f3623544 (
plain)
#!/bin/sh
# PROVIDE: suricata
# REQUIRE: DAEMON
# BEFORE: LOGIN
# KEYWORD: shutdown
# Add the following lines to /etc/rc.conf to enable suricata:
# suricata_enable (bool): Set to YES to enable suricata
# Default: NO
# suricata_flags (str): Extra flags passed to suricata
# Default: -D
# suricata_interface (str): Network interface(s) to sniff
# Default: ""
# suricata_conf (str): Suricata configuration file
# Default: ${PREFIX}/etc/suricata/suricata.yaml
# suricata_divertport (int): Port to create divert socket (Inline Mode)
# Default: 8000
# suricata_netmap (str): Set to YES to enable netmap (Inline Mode)
# Default: NO
# suricata_user (str): Set the user to run suricata as
# Default: root
# suricata_pidfile (str): Pidfile to store pid of suricata process
# Default: /var/run/suricata.pid
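. /etc/rc.subr

name="suricata"
rcvar=suricata_enable
start_precmd="suricata_prestart"
command="%%PREFIX%%/bin/suricata"

load_rc_config "$name"

# Fill in defaults for every knob that rc.conf left unset or empty.
: "${suricata_enable:=NO}"
: "${suricata_conf:=%%PREFIX%%/etc/suricata/suricata.yaml}"
: "${suricata_flags:=-D}"
: "${suricata_divertport:=8000}"
: "${suricata_netmap:=NO}"
# NOTE(review): the default leaves the daemon running as root. Nothing in this
# script grants a non-root suricata_user access to the capture device or to
# the pidfile directory, so changing it needs that set up separately.
: "${suricata_user:=root}"
: "${suricata_pidfile:=/var/run/suricata.pid}"

# Pick the capture mode. An explicit interface list takes precedence, and
# suricata_netmap is not consulted at all in that case.
if [ -n "$suricata_interface" ]; then
  # Deliberately unquoted: suricata_interface is a whitespace-separated list
  # and each entry becomes its own --pcap option.
  for interface in $suricata_interface; do
    suricata_flags="$suricata_flags --pcap=$interface"
  done
else
  # rc.conf booleans are conventionally case-insensitive, so every "off"
  # spelling must select divert mode. A plain comparison against "NO" turned
  # netmap on for values such as "no" or "false". Any other value still
  # enables netmap, as before.
  case "$suricata_netmap" in
    [Nn][Oo] | [Ff][Aa][Ll][Ss][Ee] | [Oo][Ff][Ff] | 0)
      suricata_flags="$suricata_flags -d $suricata_divertport"
      info "Inline Mode on divert port $suricata_divertport (suricata_interface not defined)"
      ;;
    *)
      suricata_flags="$suricata_flags --netmap"
      ;;
  esac
fi

# rc.subr reads $pidfile; suricata is told to write the same path.
pidfile=$suricata_pidfile
suricata_flags="$suricata_flags --pidfile $pidfile"
# suricata_conf always has a value here (defaulted above); the guard is kept
# so an empty path can never produce a dangling -c.
[ -n "$suricata_conf" ] && suricata_flags="$suricata_flags -c $suricata_conf"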
# start_precmd hook: clear a stale pidfile before the daemon is started.
# Globals:   pidfile (read) - path that is unlinked when no instance runs
# Returns:   0 when the service is running; otherwise the status of rm
# Note: "running" is decided by `run_rc_command status`, whose stdout is
# discarded. The path removed is whatever $pidfile names, so it should stay
# in a directory that only the administrator can write to.
suricata_prestart()
{
  run_rc_command status > /dev/null || rm -f "$pidfile"
}
# Dispatch the action named by the script's first argument through rc.subr.
run_rc_command "$1"