#!/bin/sh
#
# snort		Starts snort in intrusion-detection mode
#
# chkconfig: - 93 07
# description: snort is a network intrusion detection system

# Source function library.
. /etc/init.d/functions

# Source networking configuration.
. /etc/sysconfig/network

if [ -f /etc/sysconfig/snort ];then
        . /etc/sysconfig/snort
fi

# Check that networking is up.
[ ${NETWORKING} = "no" ] && exit 0

SNORT_BIN=/usr/bin/snort

[ -x $SNORT_BIN -a -f /etc/snort.d/snort.conf ] || exit 0

OPTIONS="-D -i $SNORT_INTERFACE -u $SNORT_USER -g $SNORT_GROUP -c $SNORT_CFGFILE"

RETVAL=0
prog="snort"

start() {
        # Start daemons.
        echo -n $"Starting $prog: "
        daemon $SNORT_BIN $OPTIONS $SNORT_OPTIONS
	RETVAL=$?
        echo
        [ $RETVAL -eq 0 ] && touch /var/lock/subsys/snort
	return $RETVAL
}

stop() {
        # Stop daemons.
        echo -n $"Shutting down $prog: "
	killproc snort
	RETVAL=$?
        echo
        [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/snort
	return $RETVAL
}

reload() {
	action $"Reloading $prog: " killall -HUP $SNORT_BIN
	RETVAL=$?
}

# See how we were called.
case "$1" in
  start)
	start
        ;;
  stop)
	stop
        ;;
  status)
	status snort
	RETVAL=$?
	;;
  restart)
	stop
	start
	;;
  reload)
	reload
	;;
  condrestart)
	if [ -f /var/lock/subsys/snort ]; then
	    stop
	    start
	    RETVAL=$?
	fi
	;;
  *)
        echo $"Usage: $0 {start|stop|restart|condrestart|status}"
        exit 1
esac

exit $RETVAL
