Did you compile snort yourself or did you use some kind of binary distribution ? If you've chosen the RPM package, the script should already be placed into /etc/rc.d/init.d if you've been choosing to build snort from the sources (a good idea), the following might be what you're looking for:
Code:
#!/bin/sh
#
# snortd Start/Stop the snort IDS daemon.
#
# chkconfig: 2345 40 60
# description: snort is a lightweight network intrusion detection tool that
# currently detects more than 1100 host and network
# vulnerabilities, portscans, backdoors, and more.
#
# June 10, 2000 -- Dave Wreski <dave@linuxsecurity.com>
# - initial version
#
# July 08, 2000 Dave Wreski <dave@guardiandigital.com>
# - added snort user/group
# - support for 1.6.2
# July 31, 2000 Wim Vandersmissen <wim@bofh.st>
# - added chroot support
# Source function library.
. /etc/rc.d/init.d/functions
# Specify your network interface here
INTERFACE=eth0
# See how we were called.
case "$1" in
start)
echo -n "Starting snort: "
cd /var/log/snort
daemon /usr/bin/snort -b -l /var/log/snort -d -D \
-i $INTERFACE -c /etc/snort/snort.conf
touch /var/lock/subsys/snort
echo
;;
stop)
echo -n "Stopping snort: "
killproc snort
rm -f /var/lock/subsys/snort
echo
;;
restart)
$0 stop
$0 start
;;
status)
status snort
;;
*)
echo "Usage: $0 {start|stop|restart|status}"
exit 1
esac
exit 0
Copy & paste into /etc/rc.d/init.d/snortd
Code:
chmod 700 /etc/rc.d/init.d/snortd
chkconfig snortd on
