.: If you want to converse with me contact punisher at my domain :.
Put it in /etc/rc.d/ as rc.snort and make it executable.
#!/bin/sh
# User configurable variables first
BASE="/usr/local/bin/snort"
CONF="/usr/local/etc/snort.conf"
ARGS="-A Fast -p -D"
PIDFILE="/var/run/snort_eth0.pid"
# Everything below here shouldn't need to be touched
if [ -f $PIDFILE ]; then
PID=`cat $PIDFILE`
fi
snort_start() {
if [ -f $PIDFILE ]; then
echo "Snort is already running"
exit 0
else
if [ -x $BASE ]; then
$BASE -c $CONF $ARGS >/dev/null 2>&1
echo "Starting Snort"
fi
sleep 2
if [ -f $PIDFILE ]; then
echo "Snort sucessfully started"
exit 0
else
echo "Snort not started"
fi
fi
}
snort_stop() {
if [ -f $PIDFILE ]; then
/bin/kill $PID > /dev/null 2>&1
echo "Stopping Snort"
rm -f $PIDFILE
sleep 2
if [ -f $PIDFILE ]; then
echo "Snort was not stopped"
else
echo "Snort sucessfully stopped"
fi
else
echo "Snort is not running"
exit 0
fi
}
snort_restart() {
snort_stop
sleep 1
snort_start
}
case "$1" in
'start')
snort_start
;;
'stop')
snort_stop
;;
'restart')
snort_restart
;;
*)
echo "Usage $0 start|stop|restart"
;;
esac
exit 0