[Oisf-users] issues with init script for Ubuntu 12.10

David Delorme dmdelorme100 at yahoo.ca
Wed Apr 24 03:54:43 UTC 2013


I am having an issue with this script if I use the start part. It locks 
me out from my local network to the server, and I have to issue the same 
iptables command from the server; it works?? I am a little stumped.

> #! /bin/sh
> #set -x
> #
> ### BEGIN INIT INFO
> # Provides: suricatabarn
> # Required-Start: $remote_fs $syslog mysql
> # Required-Stop: $remote_fs $syslog
> # Default-Start: 2 3 4 5
> # Default-Stop: 0 1 6
> # X-Interactive: true
> # Short-Description: Start Suricata and Barnyard2
> ### END INIT INFO
> . /lib/init/vars.sh
> . /lib/lsb/init-functions
> do_start()
> {
> log_daemon_msg "Starting Suricata and Barnyard" ""
> #/sbin/ifconfig p4p1 up
> /usr/bin/suricata -D -c /etc/suricata/suricata.yaml -q 0 -q 1 -q 2 -q 3 &
> /usr/bin/barnyard2 -c /etc/suricata/barnyard2.conf -d /var/log/suricata \
>     -f unified2.alert -w /var/log/suricata/suricata.waldo -D &
> /sbin/iptables -A INPUT -j NFQUEUE --queue-balance 0:3
> /sbin/iptables -A OUTPUT -j NFQUEUE --queue-balance 0:3
> log_end_msg 0
> return 0
> }
> do_stop()
> {
> log_daemon_msg "Removing Chains aka Django" ""
> /sbin/iptables -D INPUT -j NFQUEUE --queue-balance 0:3
> /sbin/iptables -D OUTPUT -j NFQUEUE --queue-balance 0:3
> log_daemon_msg "Stopping Suricata and Barnyard" ""
> kill $(pidof suricata) 2> /dev/null
> kill $(pidof barnyard2) 2> /dev/null
> log_end_msg 0
> return 0
> }
> do_restart()
> {
> log_daemon_msg "restarting Suricata and Barnyard" ""
> kill $(pidof suricata) 2> /dev/null
> kill $(pidof barnyard2) 2> /dev/null
> /usr/bin/suricata -D -c /etc/suricata/suricata.yaml -q 0 -q 1 -q 2 -q 3 &
> /usr/bin/barnyard2 -c /etc/suricata/barnyard2.conf -d /var/log/suricata \
>     -f unified2.alert -w /var/log/suricata/suricata.waldo -D &
> log_end_msg 0
> return 0
> }
> case "$1" in
> start)
> do_start
> ;;
> stop)
> do_stop
> ;;
> restart)
> do_restart
> ;;
> *)
> echo "Usage: suricatabarn {start|stop|restart}" >&2
> exit 3
> ;;
> esac
> exit 0

It is a crude hack of someone else's script and I take no credit for it. I 
added the restart part because the start would hang my shell....
Any hint would help.



