#!/bin/bash
#
# Init file for p0f - Passive OS fingerprinting tool
#
# Written by Dag Wieers <dag@wieers.com>.
# Modfied by Patrick Koetter <p@state-of-mind.de>.
#
# chkconfig: 345 52 48
# description: Passive OS fingerprinting tool
#
# processname: p0f
# pidfile: /var/run/p0f.pid

source /etc/rc.d/init.d/functions

### Default variables
BPFFILTER="tcp"
#OPTIONS="-p -t -M -u pcap"
SYSCONFIG="/etc/sysconfig/p0f"

### Read configuration
[ -r "$SYSCONFIG" ] && source "$SYSCONFIG"

RETVAL=0
prog="p0f"
desc="Passive OS fingerprinting"

start() {
	echo -n $"Starting $desc ($prog): "

	(p0f -i eth0 -l 'tcp dst port 25' 2>&1 | p0f-analyzer.pl 2345) &
	RETVAL=$?
	echo
	[ $RETVAL -eq 0 ] && touch /var/lock/subsys/$prog
	return $RETVAL
}

stop() {
	echo -n $"Shutting down $desc ($prog): "
	killproc $prog
	killproc p0f-analyzer.pl
	RETVAL=$?
	echo
	[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/$prog
	return $RETVAL
}

restart() {
	stop
	start
}

case "$1" in
  start)
	start
	;;
  stop)
	stop
	;;
  restart)
	restart
	;;
  reload)
	reload
	;;
  condrestart)
	[ -e /var/lock/subsys/$prog ] && restart
	RETVAL=$?
	;;
  status)
	status $prog
	RETVAL=$?
	;;
  *)
	echo $"Usage: $0 {start|stop|restart|reload|condrestart|status}"
	RETVAL=1
esac

exit $RETVAL