#!/bin/sh
#
# snortd         Start/Stop the snort IDS daemon.
#
# chkconfig: 2345 40 60
# description:  snort is a lightweight network intrusion detection tool \
#		that currently detects more than 1100 host and network \
#		vulnerabilities, portscans, backdoors, and more.
# processname: snort
# config: /etc/snort/snort.conf

# Source function library.
. /etc/init.d/functions

# Specify your network interface here
INTERFACE=eth0
LOGDIR=/var/log/snort/
CONFIGFILE=/etc/snort/snort.conf
SNORTBINARY=/usr/local/bin/snort

RETVAL=0

start() {
	echo -n $"Starting snort: "
	daemon $SNORTBINARY -u snort -g snort -s -d -D \
		-i $INTERFACE -l $LOGDIR -c $CONFIGFILE
	RETVAL=$?
	[ $RETVAL -eq 0 ] && touch /var/lock/subsys/snortd
	echo
        echo -n $"(log to " $LOGDIR " with configfile " $CONFIGFILE ")"
        echo 
}

stop() {
	echo -n $"Stopping snort: "
	killproc snort
	RETVAL=$?
	rm -f /var/lock/subsys/snortd
	echo
}

dostatus() {
	status snort
	RETVAL=$?
}

restart() {
	stop
	start
	RETVAL=$?
}

condrestart() {
	[ -e /var/lock/subsys/snortd ] && restart || :
}

# See how we were called.
case "$1" in
  start)
	start
	;;
  stop)
	stop
	;;
  status)
	dostatus
	;;
  restart|reload)
	restart
	;;
  condrestart)
	condrestart
	;;
  *)
	echo "Usage: snortd {start|stop|status|restart|condrestart}"
	exit 1
esac

exit $RETVAL