#!/bin/bash
#
# Init file for p0f - Passive OS fingerprinting tool
#
# Written by Dag Wieers <dag@wieers.com>.
#
# chkconfig: 345 52 48
# description: Passive OS fingerprinting tool
#
# processname: p0f
# pidfile: /var/run/p0f.pid

source /etc/rc.d/init.d/functions

### Default variables
BPFFILTER="tcp"
OPTIONS="-p -t -M -u pcap"
SYSCONFIG="/etc/sysconfig/p0f"

### Read configuration
[ -r "$SYSCONFIG" ] && source "$SYSCONFIG"

RETVAL=0
prog="p0f"
desc="Passive OS fingerprinting"

start() {
	echo -n $"Starting $desc ($prog): "

	for ip in $(/sbin/ifconfig 2>/dev/null | grep 'inet addr' | sed -e 's|.*addr:||' -e 's| .*||'); do
		BPFFILTER="$BPFFILTER and not src host $ip"
	done

	daemon p0f -d -o /var/log/p0f -q $OPTIONS "$BPFFILTER"
	RETVAL=$?
	echo
	[ $RETVAL -eq 0 ] && touch /var/lock/subsys/$prog
	return $RETVAL
}

stop() {
	echo -n $"Shutting down $desc ($prog): "
	killproc $prog
	RETVAL=$?
	echo
	[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/$prog
	return $RETVAL
}

restart() {
	stop
	start
}

case "$1" in
  start)
	start
	;;
  stop)
	stop
	;;
  restart)
	restart
	;;
  reload)
	reload
	;;
  condrestart)
	[ -e /var/lock/subsys/$prog ] && restart
	RETVAL=$?
	;;
  status)
	status $prog
	RETVAL=$?
	;;
  *)
	echo $"Usage: $0 {start|stop|restart|reload|condrestart|status}"
	RETVAL=1
esac

exit $RETVAL
