#!/bin/bash
#
# portsentry Start the portsentry Port Scan Detector 
#
# Authors: Craig Rowland <crowland@psionic.com> and Tim Powers <timp@redhat.com>
# Modified Feb 01, 2001: Vincent Danen <vdanen@mandrakesoft.com>
# Modified Jun 16, 2003: Mathieu Lubrano <mlubrano@sourcemage.org>
# Modified May 06, 2004: Eric Sandall <sandalle@sourcemage.org> for simpleinit-msb system
#
# chkconfig: 345 98 05
# description: PortSentry Port Scan Detector is part of the Abacus Project \
#              suite of tools. The Abacus Project is an initiative to release \
#              low-maintenance, generic, and reliable host based intrusion \
#              detection software to the Internet community.
# processname: portsentry
# configfile: /etc/portsentry/portsentry.conf
# pidfile: /var/run/portsentry.pid

# Source function library.
. /etc/init.d/smgl_init

# Check that networking is up.
# [ ${NETWORKING} = "no" ] && exit 0

PROGRAM=/usr/sbin/portsentry
RUNLEVEL=3
NEEDS="+remote_fs"

PIDFILE=/var/run/portsentry.pid
RETVAL=$?

start (){
  #set up the ignore file
  SENTRYDIR=/etc/portsentry
  TMPFILE=/tmp/portsentry.ignore.tmp

  for i in `/sbin/ifconfig -a | grep inet | awk '{print $2}' | sed 's/addr://'` ; do
    builtin echo $i >> $TMPFILE
  done

  if [ -f $SENTRYDIR/always_ignore ]; then
    cat $SENTRYDIR/always_ignore >> $TMPFILE
  fi
  cp -f $TMPFILE $SENTRYDIR/portsentry.ignore
  rm -f $TMPFILE
  
  #check for modes defined in the config file
  if [ -s $SENTRYDIR/portsentry.modes ] ; then
    modes=`cut -d "#" -f 1 $SENTRYDIR/portsentry.modes`
  else
    modes="tcp udp"
  fi
  for i in $modes ; do
    echo  "Starting portsentry -$i..." 
  $PROGRAM -$i
    RETVAL=$?
  done
  [ $RETVAL -eq 0 ] && touch /var/lock/portsentry
  evaluate_retval
}

stop() {
  echo  "Stopping portsentry..."
  kill $(pidof portsentry)
  evaluate_retval
  RETVAL=$?
  [ $RETVAL -eq 0 ] && rm -f /var/lock/portsentry
}

restart() {
  stop     &&
  sleep 1  &&
  start
}

status() {
  if [ -f $PIDFILE ]; then
    if ps -p $(cat $PIDFILE) > /dev/null; then
      echo "portsentry is running with Process ID(s) $(cat $PIDFILE)"
    else
      echo "portsentry is not running, but $PIDFILE exists"
      exit 1
    fi
  else
    echo "portsentry is not running"
  fi
}
