The Poor Man's (or Woman's) Intrusion Detection System

  1. #!/bin/sh
  2. ### BEGIN INIT INFO
  3. # Provides: trafficmon
  4. # Required-Start: $remote_fs
  5. # Required-Stop: $remote_fs
  6. # X-Start-Before: $syslog
  7. # X-Stop-After: $syslog
  8. # Default-Start: 2 3 4 5
  9. # Default-Stop: 0 1 6
  10. # Short-Description: Monitor and record net traffic
  11. # Description: This service listens to a pipe for "iptables LOG" and
  12. # dnsmasq DNS query messages. It then records information
  13. # about internet access into a MySQL DB. Typically these
  14. # messages are provided by syslogd.
  15. #
  16. # NOTE: if this is started after syslogd, the pipe might not
  17. # be available and syslogd will simply not try to write to
  18. # it until a restart.
  19. ### END INIT INFO
# Service identity and default locations. /etc/default/trafficmon may override
# RUN, CONF and SOCK -- or anything else, since it is sourced as shell code.
NAME="trafficmon"
DAEMON="/usr/sbin/${NAME}"
RUN=/run
# NOTE(review): the header says traffic is recorded into a MySQL DB, so this
# file presumably carries DB credentials -- confirm its mode and ownership.
CONF=/etc/poorman-ids/sample.conf
SOCK=""

# Pull in local overrides. The file is executed in this shell with the
# privileges of whoever runs the script, so only root should be able to
# write to it.
[ ! -r "/etc/default/${NAME}" ] || . "/etc/default/${NAME}"

### Setup control variables ###
# Runtime directory holding the PID file and the pipe.
RUN="${RUN}/poorman-ids"
PID="${RUN}/${NAME}.pid"
# No mode is set here: the directory gets whatever the caller's umask allows.
mkdir -p "$RUN"
# Default the pipe to the runtime directory when the config named none.
SOCK="${SOCK:-${RUN}/${NAME}.sock}"
  35. ### ACTIONS ###
  36. # The main service command
# Invoke start-stop-daemon for this service.
# Globals:   PID (read), DAEMON (read)
# Arguments: the action and any further options, passed through unchanged
# Returns:   the exit status of start-stop-daemon
# The PID file and the executable path are always given as match criteria,
# ahead of whatever the caller supplies.
CTRL() {
  set -- --pidfile "$PID" --exec "$DAEMON" "$@"
  start-stop-daemon "$@"
}
# Start the traffic monitor and report the outcome on stdout.
# Globals:   CONF, PID, SOCK (read)
# Outputs:   "Starting Traffic Monitor: OK" or "... FAIL"
# Returns:   0 on success; exits the whole script with status 1 on failure
do_start() {
  printf '%s' "Starting Traffic Monitor: "
  # --oknodo makes an already-running daemon count as success.
  # NOTE(review): -b is handed to the daemon twice; its meaning is not
  # visible in this script -- confirm the second occurrence is intended.
  if ! CTRL --start --oknodo -- -c "$CONF" -b -i "$PID" -b -p "$SOCK"; then
    echo "FAIL"
    exit 1
  fi
  echo "OK"
}
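# Stop the traffic monitor and report the outcome on stdout.
# Outputs:   "Stopping Traffic Monitor: OK" or "... FAIL"
# Returns:   0 on success; exits the whole script with status 1 on failure
do_stop() {
  printf '%s' "Stopping Traffic Monitor: "
  # --oknodo mirrors do_start: stopping a service that is not running is
  # reported as success instead of FAIL, and a stale PID file is still
  # cleaned up by --remove-pidfile.
  # NOTE(review): no --retry schedule is given, so this returns as soon as
  # the signal has been sent. A start issued right afterwards can race with
  # the exiting process and leave the monitor down -- confirm whether a
  # --retry schedule is wanted here.
  if CTRL --stop --oknodo --remove-pidfile; then
    echo "OK"
  else
    echo "FAIL"
    exit 1
  fi
}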
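# Report whether the traffic monitor is running.
# Outputs:   "Traffic Monitor is: Up" or "Traffic Monitor is: Down"
# Returns:   0 when running; otherwise exits the whole script with the
#            status start-stop-daemon reported
do_status() {
  printf '%s' "Traffic Monitor is: "
  CTRL --status
  rc=$?
  if [ "$rc" -eq 0 ]; then
    echo "Up"
  else
    echo "Down"
    # start-stop-daemon --status follows the LSB status codes (1 = dead with
    # PID file, 3 = not running, 4 = cannot tell). Pass the code through so
    # monitoring can tell these cases apart instead of always seeing 1.
    exit "$rc"
  fi
}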
  67. ### Main()
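# Dispatch on the requested action.
case "$1" in
  start)
    do_start
    ;;
  stop)
    do_stop
    ;;
  restart)
    # do_status calls `exit` when the service is down, which used to end the
    # script before do_start was reached. Running it in a subshell confines
    # that exit, so a stopped monitor is brought back up by "restart".
    if (do_status); then
      do_stop
    fi
    do_start
    ;;
  status)
    do_status
    ;;
  *)
    # An unknown or missing action must not look like success to callers.
    # Usage goes to stderr and the script exits with the LSB
    # "unimplemented feature" status.
    echo "$0 {start | stop | restart | status}" >&2
    exit 3
    ;;
esac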