#!/bin/sh
#
# Bro - Open-source, Unix-based Network Intrusion Detection System
#
# chkconfig:   - 57 30
# description: Bro is an open-source, Unix-based Network Intrusion Detection System (NIDS)      \
#              that passively monitors network traffic and looks for suspicious activity.
#

WITHOUT_RC_COMPAT=1

# Source function library.
. /etc/init.d/functions

# Source networking configuration.
SourceIfNotEmpty /etc/sysconfig/network

NAME="BRO ids"
PROCESSNAME="bro"
LOCKFILE="/var/lock/subsys/$PROCESSNAME"
BROUSER=${BROUSER:-root}
# proccess has name `bro' while start-stop is done using `broctl'
PIDFILE="none"

SourceIfNotEmpty "/etc/sysconfig/bro"

BROCTL="$(which broctl)"
BRO="$(which bro)"

start() {

    is_yes "$NETWORKING" || return 0

    # Is it running at all? If yes do nothing.
    FLAGS="--start --test --user $BROUSER --exec $BRO"
    if ! start-stop-daemon $FLAGS --test > /dev/null; then
        msg_already_running "$NAME"
        passed "$PROCESSNAME startup"
        STATUS=$?
        echo
        return $STATUS
    fi

    # Start
    start_daemon \
        --displayname "$NAME" \
        --lockfile "$LOCKFILE" \
        --expect-user ${BROUSER:-root} -- \
        $BROCTL "start"
    RETVAL=$?
    return $RETVAL
}

stop() {
    stop_daemon \
        --displayname "$NAME" \
        --pidfile "$PIDFILE" \
        --lockfile "$LOCKFILE" \
        --expect-user "$BROUSER" -- \
        "$PROCESSNAME"
    RETVAL=$?
    return $RETVAL
}

brostatus() {
    status \
        --displayname "$NAME" \
        --pidfile "$PIDFILE" \
        --expect-user "$BROUSER" -- \
        $PROCESSNAME
}

restart() {
    stop
    start
}

reload() {
    restart
}

case "$1" in
    start)
        start
        ;;
    stop)
        stop
        ;;
    restart)
        restart
        ;;
    reload)
        reload
        ;;
    status)
        brostatus
        ;;
    condstop)
        if [ -e "$LOCKFILE" ]; then
            stop
        fi
        ;;
    condrestart)
        if [ -e "$LOCKFILE" ]; then
            restart
        fi
        ;;
    condreload)
        if [ -e "$LOCKFILE" ]; then
            reload
        fi
        ;;
    condrestart)
        restart
        ;;
    *)
        msg_usage "${0##*/} {start|stop|reload|restart|condstop|condrestart|condreload|status}"
        RETVAL=1
esac

exit $RETVAL
