maltfilter: example.init annotate

annotate example.init @ 117:7a5ff24aa572 default tip

Added tag maltfilter-0.20.5 for changeset ed506a76eb31

author	Matti Hamalainen <ccr@tnsp.org>
date	Sun, 18 Nov 2012 23:43:59 +0200
parents	ff602dc88d9e
children

rev	line source
0 fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	1 #! /bin/sh
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	2 ### BEGIN INIT INFO
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	3 # Provides: maltfilter
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	4 # Required-Start: $syslog $remote_fs
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	5 # Required-Stop: $syslog $remote_fs
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	6 # Default-Start: 2 3 4 5
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	7 # Default-Stop: 1
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	8 # Short-Description: Malicious Attack Livid Termination Filter
1 ff602dc88d9e Add long description in init script example. Matti Hamalainen <ccr@tnsp.org> parents: 0 diff changeset	9 # Description: Maltfilter daemon script continuously scans various system logfiles
ff602dc88d9e Add long description in init script example. Matti Hamalainen <ccr@tnsp.org> parents: 0 diff changeset	10 # including auth.log, httpd logs, etc. for signs of malicious connections
ff602dc88d9e Add long description in init script example. Matti Hamalainen <ccr@tnsp.org> parents: 0 diff changeset	11 # break-in and exploitation attempts. The originating IP addresses of
ff602dc88d9e Add long description in init script example. Matti Hamalainen <ccr@tnsp.org> parents: 0 diff changeset	12 # these connections are then blocked via Netfilter (iptables).
0 fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	13 ### END INIT INFO
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	14 # Author: Matti Hamalainen <ccr@tnsp.org>
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	15
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	16 PATH=/sbin:/usr/sbin:/bin:/usr/bin
1 ff602dc88d9e Add long description in init script example. Matti Hamalainen <ccr@tnsp.org> parents: 0 diff changeset	17 DESC="Malicious Attack Livid Termination Filter"
0 fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	18 NAME=maltfilter
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	19 DAEMON="/usr/sbin/$NAME"
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	20 CONFIG="/etc/maltfilter.conf"
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	21 PIDFILE="/var/run/$NAME.pid"
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	22 SCRIPTNAME="/etc/init.d/$NAME"
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	23
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	24 # Exit if the package is not installed
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	25 [ -x "$DAEMON" ] \|\| exit 0
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	26
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	27 # Load the VERBOSE setting and other rcS variables
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	28 . /lib/init/vars.sh
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	29
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	30 # Define LSB log_* functions.
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	31 # Depend on lsb-base (>= 3.0-6) to ensure that this file is present.
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	32 . /lib/lsb/init-functions
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	33
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	34 #
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	35 # Function that starts the daemon/service
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	36 #
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	37 do_start()
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	38 {
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	39 # Return
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	40 # 0 if daemon has been started
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	41 # 1 if daemon was already running
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	42 # 2 if daemon could not be started
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	43 start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \|\| return 1
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	44 start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- $PIDFILE $CONFIG \|\| return 2
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	45 }
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	46
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	47 #
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	48 # Function that stops the daemon/service
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	49 #
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	50 do_stop()
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	51 {
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	52 # Return
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	53 # 0 if daemon has been stopped
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	54 # 1 if daemon was already stopped
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	55 # 2 if daemon could not be stopped
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	56 # other if a failure occurred
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	57 start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE --name $NAME
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	58 RETVAL="$?"
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	59 [ "$RETVAL" = 2 ] && return 2
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	60
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	61 # Many daemons don't delete their pidfiles when they exit.
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	62 rm -f $PIDFILE
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	63 return "$RETVAL"
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	64 }
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	65
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	66 #
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	67 # Function that sends a SIGHUP to the daemon/service
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	68 #
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	69 do_reload() {
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	70 #
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	71 # If the daemon can reload its configuration without
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	72 # restarting (for example, when it is sent a SIGHUP),
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	73 # then implement that here.
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	74 #
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	75 start-stop-daemon --stop --signal 1 --quiet --pidfile $PIDFILE --name $NAME
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	76 return 0
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	77 }
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	78
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	79 case "$1" in
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	80 start)
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	81 [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	82 do_start
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	83 case "$?" in
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	84 0\|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	85 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	86 esac
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	87 ;;
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	88 stop)
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	89 [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	90 do_stop
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	91 case "$?" in
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	92 0\|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	93 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	94 esac
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	95 ;;
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	96 reload\|force-reload)
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	97 log_daemon_msg "Reloading $DESC" "$NAME"
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	98 do_reload
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	99 log_end_msg $?
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	100 ;;
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	101 restart)
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	102 log_daemon_msg "Restarting $DESC" "$NAME"
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	103 do_stop
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	104 case "$?" in
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	105 0\|1)
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	106 do_start
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	107 case "$?" in
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	108 0) log_end_msg 0 ;;
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	109 1) log_end_msg 1 ;; # Old process is still running
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	110 *) log_end_msg 1 ;; # Failed to start
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	111 esac
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	112 ;;
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	113 *)
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	114 # Failed to stop
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	115 log_end_msg 1
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	116 ;;
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	117 esac
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	118 ;;
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	119 *)
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	120 echo "Usage: $SCRIPTNAME {start\|stop\|restart\|reload\|force-reload}" >&2
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	121 exit 3
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	122 ;;
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	123 esac
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	124
fec14263801d Initial import of maltfilter development version. Matti Hamalainen <ccr@tnsp.org> parents: diff changeset	125 :

Mercurial > hg > maltfilter

annotate example.init @ 117:7a5ff24aa572 default tip