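#!/bin/ksh
#
# snort.sh
#
# Created by the Honeynet Project
# March 18, 2000
#
# Used to launch snort for daily automated IDS.
# This creates a new directory every day for snort logs.
#
# Flow: stop the running snort (PID taken from its pid file), make sure
# today's log directory exists and is owned by the snort user, then start
# a fresh snort daemon logging into that directory.
#

PATH=/bin:/usr/local/bin
IFACE=qfe0
PIDFILE=/var/run/snort_$IFACE.pid
DIR=/opt/ids/snort
# Directory name is month_day only (no year), so the same directory is
# reused when that date comes round again.
DATE=$(date +%b_%d)
SNORT=/usr/local/bin/snort
USER=snort
LOGDIR=$DIR/logs/$DATE

### Kill snort
# Read the first line of the pid file, if there is one. A missing or
# unreadable file leaves PID empty instead of handing kill an empty
# argument list.
PID=
if [ -r "$PIDFILE" ]; then
  read -r PID < "$PIDFILE"
fi

# Only signal a plain positive decimal PID. Anything non-numeric is
# rejected, and so is a value starting with 0: "kill 0" would signal this
# script's own process group rather than snort.
# NOTE(review): kill acts on whatever process currently holds this PID; a
# stale pid file can therefore hit an unrelated process. Consider
# confirming that the PID belongs to snort before signalling it.
case "$PID" in
  '' | 0* | *[!0-9]*)
    echo "snort.sh: no usable PID in $PIDFILE, nothing to kill" >&2
    ;;
  *)
    echo "\nKilling snort, PID $PID\n"
    kill "$PID" > /dev/null 2>&1
    ;;
esac

# Create today's log directory and hand it to the unprivileged snort user.
# Stop here on failure: without a writable log directory the new snort
# instance would have nowhere to record the day's traffic.
if [ ! -d "$LOGDIR" ]; then
  if ! mkdir -p "$LOGDIR"; then
    echo "snort.sh: cannot create $LOGDIR" >&2
    exit 1
  fi
  if ! chown "$USER" "$LOGDIR"; then
    echo "snort.sh: cannot chown $LOGDIR to $USER" >&2
    exit 1
  fi
fi

### Start snort for the Honeynet
# -b binary (tcpdump-format) packet log, -D daemon mode, -c rules/config
# file, -i capture interface, -l log directory, -u user to run as after
# initialisation.
# NOTE(review): kill returns as soon as the signal is sent, so the old
# instance may still be shutting down when this one starts.
"$SNORT" -b -D -c "$DIR/conf/snort.conf" -i "$IFACE" -l "$LOGDIR" -u "$USER"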