sync/ports
1
0
Fork 0
mirror of https://git.freebsd.org/ports.git synced 2025-06-05 12:56:28 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
ports/security/suricata/files/suricata.in
Mathieu Arnold 135fdeebb9
all: Remove all other $FreeBSD keywords.
2021-04-06 16:31:13 +02:00

67 lines
2 KiB
Bash
Raw Blame History

#!/bin/sh
# PROVIDE: suricata
# REQUIRE: DAEMON
# BEFORE: LOGIN
# KEYWORD: shutdown
# Add the following lines to /etc/rc.conf to enable suricata:
# suricata_enable (bool): Set to YES to enable suricata
# Default: NO
# suricata_flags (str): Extra flags passed to suricata
# Default: -D
# suricata_interface (str): Network interface(s) to sniff
# Default: ""
# suricata_conf (str): Suricata configuration file
# Default: ${PREFIX}/etc/suricata/suricata.yaml
# suricata_divertport (int): Port to create divert socket (Inline Mode)
# Default: 8000
# suricata_netmap (str): Set to YES to enable netmap (Inline Mode)
# Default: NO
# suricata_user (str): Set the user to run suricata as
# Default: root
# suricata_pidfile (str): Pidfile to store pid of suricata process
# Default: /var/run/suricata.pid
. /etc/rc.subr
name="suricata"
rcvar=suricata_enable
start_precmd="suricata_prestart"
command="%%PREFIX%%/bin/suricata"
load_rc_config $name
[ -z "$suricata_enable" ] && suricata_enable="NO"
[ -z "$suricata_conf" ] && suricata_conf="%%PREFIX%%/etc/suricata/suricata.yaml"
[ -z "$suricata_flags" ] && suricata_flags="-D"
[ -z "$suricata_divertport" ] && suricata_divertport="8000"
[ -z "$suricata_netmap" ] && suricata_netmap="NO"
[ -z "$suricata_user" ] && suricata_user="root"
[ -z "$suricata_pidfile" ] && suricata_pidfile="/var/run/suricata.pid"
if [ -n "$suricata_interface" ]; then
for interface in $suricata_interface; do
suricata_flags="$suricata_flags --pcap=$interface"
done
elif [ "$suricata_netmap" != "NO" ]; then
suricata_flags="$suricata_flags --netmap"
else
suricata_flags="$suricata_flags -d $suricata_divertport"
info "Inline Mode on divert port $suricata_divertport (suricata_interface not defined)"
fi
pidfile=$suricata_pidfile
suricata_flags="$suricata_flags --pidfile $pidfile"
[ -n "$suricata_conf" ] && suricata_flags="$suricata_flags -c $suricata_conf"
suricata_prestart()
{
if ! run_rc_command status > /dev/null; then
rm -f "$pidfile"
fi
}
run_rc_command "$1"
Reference in a new issue View git blame Copy permalink