#!/bin/sh
#
# suricata	Suricata is a multi-threaded intrusion detection/prevention engine.
#
# chkconfig: - 90 10
# description:	Suricata is a multi-threaded intrusion detection/prevention engine
# processname: suricata
# config: /etc/suricata/suricata.yaml
# pidfile: /var/run/suricata.pid
### BEGIN INIT INFO
# Provides: suricata
# Required-Start: $network $syslog
# Required-Stop: $network $syslog
# Default-Start:
# Default-Stop:
# Description: Suricata is a multi-threaded intrusion detection/prevention engine
# Short-Description: start and stop suricata
### END INIT INFO

# Do not load RH compatibility interface.
WITHOUT_RC_COMPAT=1

# Source function library.
. /etc/init.d/functions

SourceIfNotEmpty /etc/sysconfig/suricata

PIDFILE=/var/run/suricata.pid
LOCKFILE=/var/lock/subsys/suricata
RETVAL=0

start()
{
	start_daemon --lockfile "$LOCKFILE" -- suricata -c /etc/suricata/suricata.yaml -D --pidfile $PIDFILE  --user _suricata --group _suricata $OPTIONS
	RETVAL=$?
	return $RETVAL
}

stop()
{
	stop_daemon --lockfile "$LOCKFILE" --expect-user _suricata -- suricata
	RETVAL=$?
	return $RETVAL
}

restart()
{
	stop
	start
}

reload()
{
	stop
	start
}

# See how we were called.
case "$1" in
	start)
		start
		;;
	stop)
		stop
		;;
	reload)
		reload
		;;
	restart)
		restart
		;;
	condstop)
		if [ -e "$LOCKFILE" ]; then
			stop
		fi
		;;
	condrestart)
		if [ -e "$LOCKFILE" ]; then
			restart
		fi
		;;
	condreload)
		if [ -e "$LOCKFILE" ]; then
			reload
		fi
		;;
	status)
		status --pidfile "$PIDFILE" --expect-user _suricata -- suricata
		RETVAL=$?
		;;
	*)
		msg_usage "${0##*/} {start|stop|reload|restart|condstop|condrestart|condreload|status}"
		RETVAL=1
esac

exit $RETVAL