// Single-instance guard: stop when the PID obtained earlier still belongs to a
// running copy of this script. $unix and $pid are assigned before this excerpt.
if ($unix->process_exists($pid, basename(__FILE__))) {
    events("PID: {$pid} Already exists....");
    die;
}

// Command-line dispatch.
// NOTE(review): $argv[1] is read without checking that it exists, so running
// the script with no argument raises an undefined-index warning on each test.
if ($argv[1] == "--cd") {
    installapt();
    die;
}

// NOTE(review): "--path" and "--install" are identical. Both pass $argv[2] to
// installapt(), whose visible signature declares no parameters, so the value
// looks unused; confirm against the full function body before relying on it.
if ($argv[1] == "--path") {
    @unlink($GLOBALS["LOGFILE"]); // installapt() removes the same file again on entry
    installapt($argv[2]);
    die;
}
if ($argv[1] == "--install") {
    @unlink($GLOBALS["LOGFILE"]);
    installapt($argv[2]);
    die;
}

// Resets the log file, locates the system tools it needs and reports progress
// while refreshing the Debian repository and installing packages.
// NOTE(review): this excerpt ends before the function body does. The apt-get
// invocation, the use of $mount/$umount/$tar/$rm and any return value are not
// visible here. start() tests the return value, so confirm one is produced.
function installapt()
{
    @unlink($GLOBALS["LOGFILE"]); // errors suppressed: a missing log file is not a failure
    $unix = new unix();
    $mount = $unix->find_program("mount");
    $umount = $unix->find_program("umount");
    $tar = $unix->find_program("tar");
    $rm = $unix->find_program("rm");
    echo "Please wait...\n";
    build_progress("{update_debian_repository}", 5);
    $aptget = $unix->find_program("apt-get");
    build_progress("{updating_repository}", 15);
    echo "Please wait, running apt-get install\n";
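/**
 * Start the Suricata daemon and wait up to ten seconds for its PID to appear.
 *
 * In order: refuse to run when another instance of this script or a Suricata
 * process is alive, honour the EnableSuricata setting, prepare the runtime and
 * log directories, purge old unified2 alert spools, turn off GRO/LRO on the
 * capture interface, launch Suricata, then restart the suricata-tail service
 * and run /bin/suricata-fw.sh when that script exists.
 *
 * Progress lines are printed only when $GLOBALS["OUTPUT"] is truthy.
 *
 * NOTE(review): $pidfile is read here but never written, so the "task already
 * running" guard only works if the PID is recorded elsewhere; confirm.
 *
 * @param bool $nopid When true, skip the check for another running instance
 *                    of this script.
 * @return void
 */
function start($nopid = false)
{
    $unix = new unix();
    $sock = new sockets();

    // One formatter for every progress line; silent unless OUTPUT is set.
    $say = function ($message) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} {$message}\n";
        }
    };

    $pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
    if (!$nopid) {
        $pid = $unix->get_pid_from_file($pidfile);
        if ($unix->process_exists($pid, basename(__FILE__))) {
            $time = $unix->PROCCESS_TIME_MIN($pid);
            $say("Already Artica task running PID {$pid} since {$time}mn");
            return;
        }
    }

    $pid = suricata_pid();
    if ($unix->process_exists($pid)) {
        $time = $unix->PROCCESS_TIME_MIN($pid);
        $say("Already running since {$time}Mn...");
        return;
    }

    // A missing or unreadable settings file reads as 0, i.e. "disabled".
    $EnableSuricata = intval(@file_get_contents("/etc/artica-postfix/settings/Daemons/EnableSuricata"));
    if ($EnableSuricata === 0) {
        $say("Disabled ( see EnableSuricata )...");
        return;
    }

    $masterbin = $unix->find_program("suricata");
    if (!is_file($masterbin)) {
        $say("Not installed...");
        return;
    }

    // Run ldconfig only when it was found, matching the is_file() checks used
    // for suricata and ethtool; an empty command would make system() fail.
    $ldconfig = $unix->find_program("ldconfig");
    if (is_file($ldconfig)) {
        $say("running ldconfig..");
        system($ldconfig);
    }

    if (!is_file("/etc/suricata/suricata.yaml")) {
        suricata_config();
    }

    // NOTE(review): 0755 lets any local user list these directories. Tighten
    // the mode if alert data on this host is considered sensitive.
    @mkdir("/var/run/suricata", 0755, true);
    @mkdir("/var/log/barnyard2", 0755, true);
    @mkdir("/var/log/suricata", 0755, true);
    @chmod("/usr/share/artica-postfix/bin/sidrule", 0755);
    if (is_file("/var/log/suricata.log")) {
        @unlink("/var/log/suricata.log");
    }

    // The interface name is a stored setting that ends up on a shell command
    // line below. Loose "== null" is deliberate: null, "" and false all mean
    // "not configured".
    $SuricataInterface = $sock->GET_INFO("SuricataInterface");
    if ($SuricataInterface == null) {
        $SuricataInterface = "eth0";
    }
    $SuricataInterface = trim((string) $SuricataInterface);

    // Drop unified2 alert spools older than ten minutes.
    // NOTE(review): files are removed whether or not a consumer has read them;
    // confirm nothing downstream still needs these alerts.
    if ($handle = opendir("/var/log/suricata")) {
        while (false !== ($fileZ = readdir($handle))) {
            if (!preg_match("#unified2\\.alert\\.#", $fileZ)) {
                continue;
            }
            $path = "/var/log/suricata/{$fileZ}";
            if ($unix->file_time_min($path) > 10) {
                $say("remove {$path}");
                @unlink($path);
            }
        }
        closedir($handle);
    }

    // Turn off receive offloads so the capture sees packets as they were on the
    // wire rather than kernel/NIC-merged segments. The setting value is quoted
    // so shell metacharacters in it cannot extend the command.
    $ethtool = $unix->find_program("ethtool");
    if (is_file($ethtool)) {
        $ifaceArg = escapeshellarg($SuricataInterface);
        shell_exec("{$ethtool} -K {$ifaceArg} gro off >/dev/null 2>&1");
        shell_exec("{$ethtool} -K {$ifaceArg} lro off >/dev/null 2>&1");
    }

    $suricata_version = suricata_version();
    $say("Starting service v{$suricata_version}");

    $cmd = "{$masterbin} -c /etc/suricata/suricata.yaml --pidfile /var/run/suricata/suricata.pid --pfring -D";
    // Remove a stale PID file so the wait loop below cannot pick up an old PID.
    @unlink("/var/run/suricata/suricata.pid");

    // NOTE(review): installapt()'s return value is not visible from here. If it
    // returns nothing, this message is printed on every start. The failure is
    // reported but does not stop the launch.
    if (!installapt()) {
        $say("Failed to check required packages");
    }
    shell_exec($cmd);

    // Poll once per second, at most ten times, for the daemon's PID.
    for ($attempt = 1; $attempt <= 10; $attempt++) {
        sleep(1);
        $say("Starting service waiting {$attempt}/10");
        $pid = suricata_pid();
        if ($unix->process_exists($pid)) {
            $say("Success PID {$pid}");
            break;
        }
    }

    $pid = suricata_pid();
    if (!$unix->process_exists($pid)) {
        $say("Failed");
        // Print the exact command line so the operator can re-run it by hand.
        $say("{$cmd}");
        return;
    }

    $nohup = $unix->find_program("nohup");
    shell_exec("{$nohup} /etc/init.d/suricata-tail restart >/dev/null 2>&1 &");
    // NOTE(review): this script runs with the privileges of this process.
    // Verify on the host that only root can write to it.
    if (is_file("/bin/suricata-fw.sh")) {
        shell_exec("/bin/suricata-fw.sh");
    }
}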