pči kompilaci jsem použil parameter --prefix
#./configure_cmake.sh --define=ICONV_ACCEPTS_NONCONST_INPUT:BOOL=true --prefix=/usr/local/snort
převzal jsem tedy zmíněný init script ze Snort2 a upravil jsem tedy potřebné:
do /etc/rc.conf přidal:
#SNORT
snort_enable="YES"
snort_flags="-Dq"
snort_interface="bridge0"
snort_conf="${PREFIX}/etc/snort/snort.lua"
snort_expression=""
a vytvořil soubor /usr/local/etc/rc.d/snort a nastavil chmod +x , chmod 555
jeho obsah:
#!/bin/sh
# $FreeBSD$
# PROVIDE: snort
# REQUIRE: DAEMON
# BEFORE: LOGIN
# KEYWORD: shutdown
# Add the following lines to /etc/rc.conf to enable snort:
# snort_enable (bool): Set to YES to enable snort
# Default: NO
# snort_flags (str): Extra flags passed to snort
# Default: -D -q
# snort_interface (str): Network interface to sniff
# Default: ""
# snort_conf (str): Snort configuration file
# Default: ${PREFIX}/etc/snort/snort.conf
# snort_expression (str): filter expression
# If your expression is very long, set
# kern.ps_arg_cache_limit sysctl variable
# to large value. Otherwise, snort won't
# restart!
# Default: ""
#
# To enable multi interface, use:
# snort_rules="eth0 eth1"
# defaults will follow, snort.conf becomes 'snort_eth0.conf', etc.
. /etc/rc.subr
name="snort"
rcvar=snort_enable
extra_commands=reload
command="%%PREFIX%%/bin/snort"
load_rc_config $name
[ -z "$snort_enable" ] && snort_enable="NO"
[ -z "$snort_conf" ] && snort_conf="%%PREFIX%%/etc/snort/snort.lua"
[ -z "$snort_flags" ] && snort_flags="-D -q"
[ -n "$snort_interface" ] && snort_flags="$snort_flags -i $snort_interface" \
&& pidfile="/var/run/snort_${snort_interface}.pid"
[ -n "$snort_conf" ] && snort_flags="$snort_flags -c $snort_conf"
[ -n "$snort_expression" ] && snort_flags="$snort_flags $snort_expression"
if [ -n "$snort_rules" ]; then
_1=$1
if [ $# -gt 1 ]; then shift; snort_rules=$*; fi
snort_conf=""
snort_flags=""
rc=0
for i in ${snort_rules}; do
eval _conf=\$snort_${i}_conf
eval _flags=\$snort_${i}_flags
[ -z "$_flags" ] && _flags="-D -q"
eval _intf=\$snort_${i}_interface
eval _expr=\$snort_${i}_expression
if [ -n "$_intf" ] ;then
_conf="$_conf -i $_intf"
eval pidfile="/var/run/snort_$_intf.pid"
fi
command_args="$_flags -c $_conf $_expr"
run_rc_command "$_1"
if [ $? -ne 0 ]; then rc=1; fi
unset _pidcmd _rc_restart_done
done
exit $rc
else
run_rc_command "$1"
fi
v něm jsem změnil
[ -z "$snort_conf" ] && snort_conf="%%PREFIX%%/etc/snort/snort.lua"
v /etc/rc.local
/usr/local/snort/bin/snort -c /usr/local/snort/etc/snort/snort.lua -i bridge0
udělal jsem reboot, ale snort po bootu neběží
ten init script stejně řeší jen přepínače(start, restart, stop, status, etc) ...ten já v podstatě vůbec nepotřebuju
mě kurna stačí jen nastartovat Snort po bootu