head	1.3;
access;
symbols
	OPENPKG_E1_MP_HEAD:1.3
	OPENPKG_E1_MP:1.3
	OPENPKG_E1_MP_2_STABLE:1.2.4.1
	OPENPKG_E1_FP:1.2.4.1
	OPENPKG_2_STABLE_MP:1.3
	OPENPKG_2_STABLE_20061018:1.2.4.1
	OPENPKG_2_STABLE_20060622:1.2
	OPENPKG_2_STABLE:1.2.0.4
	OPENPKG_2_STABLE_BP:1.2
	OPENPKG_2_5_RELEASE:1.2
	OPENPKG_2_5_SOLID:1.2.0.2
	OPENPKG_2_5_SOLID_BP:1.2;
locks; strict;
comment	@# @;


1.3
date	2006.08.25.19.19.12;	author rse;	state Exp;
branches;
next	1.2;
commitid	Tvsj1UyQ8rQ89gKr;

1.2
date	2005.09.03.19.39.15;	author rse;	state Exp;
branches
	1.2.4.1;
next	1.1;

1.1
date	2005.07.29.08.00.19;	author rse;	state Exp;
branches;
next	;

1.2.4.1
date	2006.10.16.14.56.33;	author rse;	state Exp;
branches;
next	;
commitid	iZxwRSmmWscPXUQr;


desc
@@


1.3
log
@replace '@@l_prefix@@/lib/openpkg/bash @@l_prefix@@/etc/rc' in shebang with '@@l_prefix@@/bin/openpkg rc' to allow people who run the rc.xxx scripts directly (as executables) to leverage from the Set-UID functionality
@
text
@#!@@l_prefix@@/bin/openpkg rc
##
##  rc.snort -- Run-Commands
##

%config
    snort_enable="$openpkg_rc_def"
    snort_if=""
    snort_flags="-N -Afast -o"
    snort_log_prolog="true"
    snort_log_epilog="true"
    snort_log_numfiles="10"
    snort_log_minsize="1M"
    snort_log_complevel="9"
    snort_update_time="once"
    snort_update_source="file://@@l_prefix@@/share/snort/rules.tar.gz"

%common
    snort_cfgfile="@@l_prefix@@/etc/snort/snort.conf"
    snort_logdir="@@l_prefix@@/var/snort"
    snort_piddir="@@l_prefix@@/var/snort"
    snort_pidfile="$snort_piddir/snort_${snort_if}.pid"
    snort_signal () {
        [ -f $snort_pidfile ] && kill -$1 `cat $snort_pidfile`
    }
    snort_update () {
        @@l_prefix@@/sbin/snort-update "$snort_update_source"
    }

%status -u @@l_susr@@ -o
    snort_usable="no"
    snort_active="no"
    @@l_prefix@@/sbin/snort \
        -q -T \
        -u "@@l_rusr@@" -g "@@l_rgrp@@" \
        -i "$snort_if" \
        -c "$snort_cfgfile" \
        -l "$snort_logdir" \
        >/dev/null 2>&1 && snort_usable="yes"
    [ ".$snort_if" = . ] && snort_usable="no"
    rcService snort enable yes && snort_signal 0 && snort_active="yes"
    echo "snort_enable=\"$snort_enable\""
    echo "snort_usable=\"$snort_usable\""
    echo "snort_active=\"$snort_active\""

%start -p 100 -u @@l_susr@@
    rcService snort enable yes || exit 0
    rcService snort active yes && exit 0
    @@l_prefix@@/sbin/snort \
        -q -D \
        -u "@@l_rusr@@" -g "@@l_rgrp@@" \
        -i "$snort_if" \
        -c "$snort_cfgfile" \
        -l "$snort_logdir" \
        ${snort_flags}

%stop -p 900 -u @@l_susr@@
    rcService snort enable yes || exit 0
    rcService snort active no  && exit 0
    snort_signal TERM
    sleep 2
    rm -f $snort_pidfile 2>/dev/null || true

%restart -p 100 -u @@l_susr@@
    rcService snort enable yes || exit 0
    rcService snort active no  && exit 0
    rc snort stop start

%hourly -u @@l_rusr@@
    rcService snort enable yes || exit 0
    if [ ".$snort_update_time" = .hourly ]; then
        snort_update || exit $?
    fi

%daily -u @@l_rusr@@
    rcService snort enable yes || exit 0
    if [ ".$snort_update_time" = .daily ]; then
        snort_update || exit $?
    fi
    shtool rotate -f \
        -n ${snort_log_numfiles} -s ${snort_log_minsize} -d \
        -z ${snort_log_complevel} -m 644 -o @@l_rusr@@ -g @@l_rgrp@@ \
        -P "${snort_log_prolog}" \
        -E "${snort_log_epilog}; rc snort reload" \
        $snort_logdir/snort.alert.log

%weekly -u @@l_rusr@@
    rcService snort enable yes || exit 0
    if [ ".$snort_update_time" = .weekly ]; then
        snort_update || exit $?
    fi

@


1.2
log
@Major packaging improvement:

1. Completely revamp the rule handling: First, rules are no longer
   installed in unpacked form. Instead their original tarball is
   installed. Second, the Snort oinkmaster tool is installed and used
   to manage the rule installation.

   By default it just uses the default rule tarball once (which means
   it just initially installs them). But after optional registering at
   snort.org, one can use the received "oinkcode" to let the package
   upgrade to the latest Snort rules automatically.

2. Add OSSP fsl support to make sure Snort no longer logs to syslog.
@
text
@d1 1
a1 1
#!@@l_prefix@@/lib/openpkg/bash @@l_prefix@@/etc/rc
@


1.2.4.1
log
@Mass merge from CURRENT to 2-STABLE (all packages except those of JUNK class)
@
text
@d1 1
a1 1
#!@@l_prefix@@/bin/openpkg rc
@


1.1
log
@dramatically improve packaging by fully daemonizing it; upgrade to latest version 2.4 which has the rules separate
@
text
@d15 2
d26 3
d69 7
a75 1
%daily -u @@l_susr@@
d77 3
d87 6
@