(-)sguil-0.9.0/sensor/log_packets-sancp.sh (-18 / +8 lines)
Lines 27-51 Link Here
27
#                                                                         #
27
#                                                                         #
28
###########################################################################
28
###########################################################################
29
29
30
# Edit these for your setup
30
# get user config
31
source /etc/conf.d/log_packets
31
32
32
# Sensors hostname.
33
# conf.d uses different var name, we map this here for backwards comapt
33
# Note: If running multiple snort instances, then this must be different
34
INTERFACE="${IFACE}"
34
#       for each instance (ie sensor1, sensor2, sensor-eth0, sensor-eth1, etc)
35
HOSTNAME="myhost"
36
# Path to logger binary
37
LOGGER_PATH="/usr/local/sancp-1.6.2-candidate.C.6/bin/sancp"
38
# Directory to log pcap data to (date dirs will be created in here)
39
# Note: The path $HOSTNAME/dailylogs, will be appended to this.
40
LOG_DIR="/snort_data"
41
# Percentage of disk to try and maintain
42
MAX_DISK_USE=95
43
# Interface to 'listen' to.
44
INTERFACE="eth0"
45
# Other options to use when starting snort
35
# Other options to use when starting snort
46
OPTIONS=""
36
OPTIONS=""
47
# Where to store the pid
37
# Path to logger binary
48
PIDFILE="/var/run/sancp_log-${HOSTNAME}.pid"
38
LOGGER_PATH="/usr/bin/sancp"
49
# How do we run ps
39
# How do we run ps
50
PS="ps awx"
40
PS="ps awx"
51
# Where is grep
41
# Where is grep
Lines 89-97 Link Here
89
      chmod 777 $LOG_DIR/$today
79
      chmod 777 $LOG_DIR/$today
90
    fi
80
    fi
91
    if [ -n "$FILTER" ]; then
81
    if [ -n "$FILTER" ]; then
92
      eval exec $LOGGER_PATH $OPTIONS -d $LOG_DIR/$today -i $INTERFACE -c $CONFIG_FILE -B $FILTER > /tmp/snort.log 2>&1 &
82
      eval exec $LOGGER_PATH $OPTIONS -d $LOG_DIR/$today -i $INTERFACE -c $CONFIG_FILE -B "${FILTER}" &
93
    else
83
    else
94
      eval exec $LOGGER_PATH $OPTIONS -d $LOG_DIR/$today -i $INTERFACE -c $CONFIG_FILE > /tmp/snort.log 2>&1 &
84
      eval exec $LOGGER_PATH $OPTIONS -d $LOG_DIR/$today -i $INTERFACE -c $CONFIG_FILE &
95
    fi
85
    fi
96
    PID=$!
86
    PID=$!
97
    if [ $? = 0 ]; then
87
    if [ $? = 0 ]; then
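Review bot: The quoting added in `-B "${FILTER}"` (new line 82) has no effect, because the line still goes through `eval`: the quotes are consumed before `eval` joins its arguments and parses them a second time. A multi-word BPF expression is therefore split again, and any shell metacharacters in `FILTER`, `OPTIONS` or the values now read from `/etc/conf.d/log_packets` (parentheses, `;`, backticks) are interpreted by the shell rather than passed to sancp. Dropping `eval` keeps the filter as one argument: `$LOGGER_PATH $OPTIONS -d "$LOG_DIR/$today" -i "$INTERFACE" -c "$CONFIG_FILE" -B "$FILTER" &`, with `OPTIONS` left unquoted on purpose so it still splits into separate flags. The `eval exec $SNORT_PATH …` lines in log_packets.sh (new lines 75 and 77) follow the same pattern. The enclosing function starts and ends outside this hunk, so where `FILTER` is assigned is not visible here.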
(-)sguil-0.9.0/sensor/log_packets.sh (-20 / +9 lines)
Lines 22-47 Link Here
22
#                                                            #
22
#                                                            #
23
##############################################################
23
##############################################################
24
24
25
# get user config
26
source /etc/conf.d/log_packets
25
27
26
# Edit these for your setup
28
# conf.d uses different var name, we map this here for backwards comapt
27
29
INTERFACE="${IFACE}"
28
# Sensors hostname.
30
# tell snort where to find DAQ libs
29
# Note: If running multiple snort instances, then this must be different
31
OPTIONS="${OPTIONS} --daq-dir /usr/lib/daq"
30
#       for each instance (ie sensor1, sensor2, sensor-eth0, sensor-eth1, etc)
31
HOSTNAME="myhost"
32
# Path to snort binary
32
# Path to snort binary
33
SNORT_PATH="/usr/local/bin/snort"
33
SNORT_PATH="/usr/bin/snort"
34
# Directory to log pcap data to (date dirs will be created in here)
35
# Note: The path $HOSTNAME/dailylogs, will be appended to this.
36
LOG_DIR="/snort_data"
37
# Percentage of disk to try and maintain
38
MAX_DISK_USE=90
39
# Interface to 'listen' to.
40
INTERFACE="eth0"
41
# Other options to use when starting snort
42
#OPTIONS="-u sguil -g sguil -m 122"
43
# Where to store the pid
44
PIDFILE="/var/run/snort_log-${HOSTNAME}.pid"
45
# How do we run ps
34
# How do we run ps
46
PS="ps awx"
35
PS="ps awx"
47
# Where is grep
36
# Where is grep
Lines 83-91 Link Here
83
      chmod 777 $LOG_DIR/$today
72
      chmod 777 $LOG_DIR/$today
84
    fi
73
    fi
85
    if [ -n "$FILTER" ]; then
74
    if [ -n "$FILTER" ]; then
86
      eval exec $SNORT_PATH $OPTIONS -l $LOG_DIR/$today -b -i $INTERFACE $FILTER > /tmp/snort.log 2>&1 &
75
      eval exec $SNORT_PATH $OPTIONS -l $LOG_DIR/$today -b -i $INTERFACE $FILTER &
87
    else
76
    else
88
      eval exec $SNORT_PATH $OPTIONS -l $LOG_DIR/$today -b -i $INTERFACE > /tmp/snort.log 2>&1 &
77
      eval exec $SNORT_PATH $OPTIONS -l $LOG_DIR/$today -b -i $INTERFACE &
89
    fi
78
    fi
90
    PID=$!
79
    PID=$!
91
    if [ $? = 0 ]; then
80
    if [ $? = 0 ]; then
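Review bot: After `source /etc/conf.d/log_packets` nothing checks that the settings this section stops defining (`HOSTNAME`, `LOG_DIR`, `MAX_DISK_USE`, `PIDFILE`) or `IFACE` are actually set, so a missing or incomplete conf.d file leaves them empty. The second hunk would then run `chmod 777 $LOG_DIR/$today` against a path directly under `/` and start snort with `-i` lacking an interface name. Guards placed right after the `source` line would fail closed, for example `: "${LOG_DIR:?LOG_DIR not set in /etc/conf.d/log_packets}"` and `INTERFACE="${IFACE:?IFACE not set in /etc/conf.d/log_packets}"`. log_packets-sancp.sh has the same gap. Because the sourced file is executed as shell code with this script's privileges (presumably root, given the `/var/run` pid file the old code used), a comment noting that it must be root-owned and not group- or world-writable would also help.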
