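#!/sbin/runscript
# Copyright 1999-2007 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: Exp $
#
# OpenRC service script for p0f-analyzer: runs p0f with a BPF filter that
# captures inbound SMTP (tcp dst port 25) from remote hosts and pipes its
# output into p0f-analyzer.pl.
#
# Configuration (normally set in /etc/conf.d):
#   BpfFilter        optional extra BPF expression, AND-ed with the default
#   P0FANALYZERPORT  port p0f-analyzer.pl listens on (default 2345)

PIDFILE=/var/run/p0f-analyzer.pid
LOCKFILE=/var/lock/subsys/p0f-analyzer

#######################################
# Assemble the BPF filter: the optional user filter, the fixed SMTP clause,
# then one "not src host" exclusion per local address so this machine's own
# outbound traffic is not analyzed.
# Arguments: $1 - user-supplied filter (may be empty); $2.. - local IPs
# Outputs:   the assembled filter on stdout
#######################################
_p0f_build_filter() {
  local base filter ip
  base=${1-}
  [ "$#" -gt 0 ] && shift
  if [ -z "$base" ]; then
    filter='tcp dst port 25'
  else
    filter="$base and tcp dst port 25"
  fi
  for ip in "$@"; do
    filter="$filter and not src host $ip"
  done
  printf '%s\n' "$filter"
}

#######################################
# List local IPv4 addresses as printed by net-tools ifconfig
# ("inet addr:1.2.3.4"), one per line. Empty if ifconfig is unavailable.
#######################################
_p0f_local_ips() {
  /sbin/ifconfig 2>/dev/null | sed -n 's/.*inet addr:\([^ ]*\).*/\1/p'
}

#######################################
# PIDs recorded by start(), one per line; empty if no pidfile exists.
#######################################
_p0f_recorded_pids() {
  cat "$PIDFILE" 2>/dev/null
}

#######################################
# True if $1 is a live process whose command line mentions p0f (either the
# capture binary or p0f-analyzer.pl). Used before signalling so a stale or
# tampered pidfile cannot make root kill an unrelated process after PID reuse.
# Arguments: $1 - pid (may be empty)
#######################################
_p0f_is_ours() {
  [ -n "${1-}" ] && [ -d "/proc/$1" ] || return 1
  tr '\0' ' ' < "/proc/$1/cmdline" 2>/dev/null | grep -q 'p0f'
}

#######################################
# Send signal $1 (e.g. TERM, KILL) to every recorded pid that still looks
# like ours. Always returns 0.
#######################################
_p0f_signal_recorded() {
  local pid
  for pid in $(_p0f_recorded_pids); do
    _p0f_is_ours "$pid" && kill -s "$1" "$pid" >/dev/null 2>&1
  done
  return 0
}

#######################################
# Returns 0 if any recorded pid is still alive and ours, 1 otherwise.
#######################################
_p0f_any_recorded_alive() {
  local pid
  for pid in $(_p0f_recorded_pids); do
    _p0f_is_ours "$pid" && return 0
  done
  return 1
}

start() {
  local port filter mypid pid rc
  ebegin "Starting p0f-analyzer"

  port=${P0FANALYZERPORT:-2345}
  # The port is passed to an external program; reject anything that is not a
  # plain number so a bad conf.d value cannot turn into extra arguments.
  case "$port" in
    *[!0-9]*|'')
      eend 1 "P0FANALYZERPORT must be a number (got '${port}')"
      return 1
      ;;
  esac

  # IPs contain no whitespace, so word-splitting the substitution is intended.
  # shellcheck disable=SC2046
  filter=$(_p0f_build_filter "${BpfFilter-}" $(_p0f_local_ips))

  mkdir -p "${LOCKFILE%/*}"
  touch "$LOCKFILE"

  # Capture SMTP traffic with p0f and feed it to the analyzer; p0f's stderr is
  # merged so the analyzer sees its diagnostics too.
  nohup /usr/sbin/p0f -l "$filter" 2>&1 | /usr/bin/p0f-analyzer.pl "$port" &
  mypid=$!
  # $? after a backgrounded pipeline is always 0, so probe the job instead.
  kill -0 "$mypid" 2>/dev/null
  rc=$?
  printf '%s\n' "$mypid" > "$PIDFILE"

  # $! is only the analyzer's PID; also record every p0f process running with
  # our exact filter so stop() can terminate the capture side as well.
  for pid in $(ps h -C "p0f" -o pid 2>/dev/null); do
    [ -n "$pid" ] && [ -r "/proc/$pid/cmdline" ] || continue
    # cmdline is NUL-separated; -F avoids having to regex-escape the filter.
    if tr '\0' ' ' < "/proc/$pid/cmdline" | grep -qF -- "$filter"; then
      printf '%s\n' "$pid" >> "$PIDFILE"
    fi
  done
  eend "$rc"
}

stop() {
  local i
  ebegin "Stopping p0f-analyzer"

  # Ask politely first, then escalate to KILL for whatever is still running
  # after a short grace period.
  _p0f_signal_recorded TERM
  i=0
  while [ "$i" -lt 5 ] && _p0f_any_recorded_alive; do
    sleep 1
    i=$((i + 1))
  done
  if _p0f_any_recorded_alive; then
    _p0f_signal_recorded KILL
  fi

  rm -f "$LOCKFILE"
  eend $?
  rm -f "$PIDFILE"
}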