Diffstat (limited to 'net/suricata6/files')
-rw-r--r--net/suricata6/files/etc/config/suricata12
-rwxr-xr-xnet/suricata6/files/etc/init.d/suricata82
2 files changed, 94 insertions, 0 deletions
diff --git a/net/suricata6/files/etc/config/suricata b/net/suricata6/files/etc/config/suricata
new file mode 100644
index 0000000..9b3ccbe
--- /dev/null
+++ b/net/suricata6/files/etc/config/suricata
@@ -0,0 +1,12 @@
+
+config suricata 'service'
+ option config_file '/etc/suricata/suricata.yaml'
+ option logdir '/var/log/suricata'
+ option pidfile '/var/log/suricata.pid'
+ option rules_file '/var/lib/suricata/rules/suricata.rules'
+ list queue '2'
+ list queue '9'
+ option verbose '0'
+ option scan_mode 'af-packet'
+ option interface 'eth0'
+
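Review bot: `option pidfile '/var/log/suricata.pid'` places the PID file beside the logs rather than under `/var/run`, and the init script added in this same commit uses `pidfile` and `logdir` only for its stale-file cleanup and `mkdir -p`, never passing them to Suricata. If `suricata.yaml` names a different pid file or log directory, the script removes and creates paths the daemon does not use. Either pass the values through in the init script (`--pidfile "$pidfile"`, `-l "$logdir"`) or add a comment here such as `# must match pid-file and default-log-dir in suricata.yaml`.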
diff --git a/net/suricata6/files/etc/init.d/suricata b/net/suricata6/files/etc/init.d/suricata
new file mode 100755
index 0000000..ae92ca5
--- /dev/null
+++ b/net/suricata6/files/etc/init.d/suricata
@@ -0,0 +1,82 @@
+#!/bin/sh /etc/rc.common
+# Copyright (C) 2021 Ashkan Jazayeri <ashkan@jazayeri.net>
+
+START=99
+STOP=10
+
+USE_PROCD=1
+PROG=/usr/bin/suricata
+
+validate_suricata_section() {
+ uci_load_validate suricata suricata "$1" "$2" \
+ 'scan_mode:string:af-packet' \
+ 'interface:string' \
+ 'config_file:string' \
+ 'logdir:string' \
+ 'pidfile:string' \
+ 'rules_file:string' \
+ 'verbose:range(0,4):0' \
+ 'queue:list(range(0,65535))'
+}
+
+start_suricata_instance() {
+ [ "$2" = 0 ] || {
+ echo "validation failed"
+ return 1
+ }
+
+ [ -f $pidfile -a -z $(pgrep suricata) ] && rm $pidfile && \
+ logger -t suricata[init_script] -p daemon.alert -s \
+ "Suricata was not closed properly or it has crashed. Successfully removed the previous $pidfile"
+
+ [ ! -d $logdir ] && mkdir -p $logdir
+
+ procd_open_instance
+ procd_set_param command $PROG -c $config_file
+ [ $rules_file ] && \
+ procd_append_param command -s $rules_file
+ procd_set_param file $config_file
+
+ [ "$verbose" -gt 0 ] && {
+ procd_append_param command -$(printf 'v%.0s' $(seq 1 $verbose))
+ procd_set_param stdout 1
+ procd_set_param stderr 1
+ }
+
+ case "$scan_mode" in
+ "af-packet" )
+ procd_append_param command --af-packet
+ procd_append_param command -i $interface
+ ;;
+ "nfq" )
+ [ -n "$queue" ] || {
+ logger -t suricata[init_script] -p daemon.emerg -s "No queue list provided. In NFQUEUE mode, a queue list must be specified under suricata config section (e.g. uci add_list suricata.service.queue=9)"
+ return 1
+ }
+ for number in $queue; do procd_append_param command -q $number ;done
+ ;;
+ esac
+
+ procd_set_param respawn
+ procd_close_instance
+}
+
+start_service() {
+ validate_suricata_section service start_suricata_instance
+}
+
+
+stop_service()
+{
+ service_stop $PROG
+}
+
+reload_service() {
+ procd_send_signal suricata '*' SIGUSR2
+}
+
+service_triggers()
+{
+ procd_add_reload_trigger "suricata"
+ procd_add_validation validate_suricata_section
+}
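Review bot: The stale-pidfile test `[ -f $pidfile -a -z $(pgrep suricata) ]` in start_suricata_instance expands both operands unquoted, so more than one matching PID or a path containing whitespace turns it into a malformed `[` expression, and an empty pgrep result presumably only passes because a bare `-z` is then read as a non-empty string. The same unquoted expansion is used for `rm $pidfile`, `mkdir -p $logdir`, `[ $rules_file ]` and the `procd_*_param command` arguments; validate_suricata_section accepts these as plain `string`, so a value with whitespace is split into extra arguments to commands that presumably run as root. I would write the check as `[ -f "$pidfile" ] && ! pgrep suricata >/dev/null && rm -f "$pidfile" && \` and quote every `$config_file`, `$rules_file`, `$interface`, `$logdir` and `$number` expansion. Matching by process name may also catch this init script's own process, which would mean the stale file is never removed; that is worth confirming on a device.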