#!/bin/bash
# Author: Joshua Gimer <jgimer@gmail.com>
# Last Update: Tue Feb 10 18:15:08 MST 2009
# Version: 1.0
#
# chkconfig: 2345 91 92
# description:  Starts and stops honeyd and arpd

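# Require exactly one action argument; anything else gets the usage line and
# a non-zero exit status.
if [[ $# -ne 1 ]]; then
	# $0 is passed as an argument rather than used as the printf format, so a
	# '%' or backslash in the script path cannot be interpreted as a directive.
	# Usage goes to stderr because this is an error path.
	printf '%s (start|stop|restart)\n' "$0" >&2
	exit 1
fi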

# ---- honeyd daemon -----------------------------------------------------------
HD_BIN="/usr/local/bin/honeyd"                     # honeyd executable
CONFIG="/etc/honeyd.conf"                          # passed to honeyd with -f
INTERFACE="eth0"                                   # interface used by honeyd, arpd and tcpdump
XPROBE="/usr/local/share/honeyd/xprobe2.conf"      # passed to honeyd with -x
NMAP_A="/usr/local/share/honeyd/nmap.assoc"        # passed to honeyd with -a
NMAP_P="/usr/local/share/honeyd/nmap.prints"       # passed to honeyd with -p
# Placeholders for the honeydstats account name and password.
# NOTE(review): real values kept here are readable by anyone who can read this
# script, and start() places them on honeyd's command line, where they can show
# up in process listings. Keep the file mode restrictive.
UNAME="HONEYDSTATS UNAME"
PASS="HONEYDSTATS PASS"
RANGE="10.26.0.5-10.26.0.253"                      # address range handed to honeyd and arpd
CIDR_NET="10.26.0.0/24"                            # network used in the tcpdump capture filter
HONEYD_LOG="/var/log/honeyd.log"                   # passed to honeyd with -l

# ---- honeydstats collector ---------------------------------------------------
HDS_BIN="/usr/local/bin/honeydstats"
# NOTE(review): the path suggests a web-served directory; report files and the
# traffic graph are written below it - confirm that exposure is intended.
REPORT_BASE="/var/www/html/honeyd/"
HDS_CONFIG="/etc/honeydstats.conf"
# NOTE(review): fixed file name in /tmp. If /tmp is world-writable, another
# local account can create this path (or a symlink at it) before the collector
# opens it; a directory owned by the service account would avoid that.
CKP_FILE="/tmp/honeyd.checkpoint"
HDS_INT="127.0.0.1"                                # collector listen address (-l)
HDS_PORT="3333"                                    # collector listen port (-p)
# Report file names, each appended to REPORT_BASE.
OS="os_data"
PORT="port_data"
SPAM="spam_data"
CN="cn_data"

# ---- helper scripts ----------------------------------------------------------
SCRIPT_BASE="/etc/scripts/"

# Packet count given to tcpdump -c for each traffic-graph pass.
TRAFFIC_TH="1000"

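#######################################
# Launch the honeypot stack: honeydstats, honeyd, arpd, two Perl helper
# scripts and a background loop that redraws the traffic graph.
# Globals (read): HDS_BIN REPORT_BASE OS PORT SPAM CN HDS_INT HDS_PORT
#                 HDS_CONFIG CKP_FILE HD_BIN CONFIG INTERFACE XPROBE NMAP_A
#                 NMAP_P UNAME PASS HONEYD_LOG RANGE SCRIPT_BASE TRAFFIC_TH
#                 CIDR_NET
# Outputs: "Honeyd Started" on stdout; daemon output is discarded.
# NOTE(review): no exit status is checked, so "Honeyd Started" is printed even
# if a daemon failed to launch, and its error text has gone to /dev/null.
#######################################
start() {
	local capture_rc

	# The collector listens on HDS_INT:HDS_PORT; honeyd is pointed at the same
	# address and port through its -c argument below.
	"$HDS_BIN" \
		--os_report "${REPORT_BASE}${OS}" \
		--port_report "${REPORT_BASE}${PORT}" \
		--spammer_report "${REPORT_BASE}${SPAM}" \
		--country_report "${REPORT_BASE}${CN}" \
		-l "$HDS_INT" -p "$HDS_PORT" -f "$HDS_CONFIG" -c "$CKP_FILE" \
		>/dev/null 2>&1

	# The -c value is quoted as a single word: unquoted, a user name or password
	# containing whitespace or glob characters was split into several arguments.
	# NOTE(review): the credentials still travel on the command line and can be
	# visible in process listings on this host.
	# RANGE is deliberately left unquoted so that a space-separated list of
	# ranges keeps expanding to separate arguments.
	# shellcheck disable=SC2086
	"$HD_BIN" -f "$CONFIG" -i "$INTERFACE" -x "$XPROBE" -a "$NMAP_A" -p "$NMAP_P" \
		-c "${HDS_INT}:${HDS_PORT}:${UNAME}:${PASS}" \
		-l "$HONEYD_LOG" $RANGE >/dev/null 2>&1

	# shellcheck disable=SC2086
	/usr/local/sbin/arpd -i "$INTERFACE" $RANGE >/dev/null 2>&1

	"${SCRIPT_BASE}rrd_honeyd.pl" &
	"${SCRIPT_BASE}/honeyd_logger.pl" >/dev/null 2>&1 &

	# Traffic graph loop: archive the current graph under a timestamped name,
	# capture TRAFFIC_TH packets for CIDR_NET, then render a new graph.
	while true; do
		cp "${REPORT_BASE}traffic.gif" \
			"${REPORT_BASE}/traffic/$(date +%F-%H-%M-%S).gif"
		/usr/sbin/tcpdump -c "$TRAFFIC_TH" -vttttnneli "$INTERFACE" net "$CIDR_NET" \
			| "${SCRIPT_BASE}tcpdump2csv.pl" "sip dip dport" \
			| "${SCRIPT_BASE}afterglow.pl" -c "${SCRIPT_BASE}color.properties" -e 2 \
			| neato -Tgif -o "${REPORT_BASE}traffic.gif"
		capture_rc=${PIPESTATUS[0]}
		# If tcpdump itself failed (for example the interface is missing) the
		# loop would otherwise spin without pause, archiving a graph copy on
		# every pass. Back off briefly before retrying.
		if (( capture_rc != 0 )); then
			sleep 5
		fi
	done >/dev/null 2>&1 &

	printf 'Honeyd Started\n'

}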

#######################################
# Force-stop the ARP responder and the honeyd processes.
# Returns: exit status of the final pkill call.
# NOTE(review): pkill matches its pattern against process names, so "honeyd"
# also matches any other process whose name contains that string. Nothing
# here names tcpdump or the graph loop launched by start().
# NOTE(review): SIGKILL gives the daemons no chance to shut down cleanly;
# confirm that is acceptable for the log and checkpoint files.
#######################################
stop() {
	local sig=9

	# Output of the arpd call is left attached to the terminal; only the
	# honeyd call is silenced.
	pkill "-${sig}" arpd
	pkill "-${sig}" honeyd >/dev/null 2>&1

}

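# Dispatch on the requested action.
case "$1" in
	start)
		start
		;;
	stop)
		stop
		;;
	restart)
		stop
		start
		;;
	*)
		# An unrecognised action previously fell through silently with exit
		# status 0, which made a typo look like success. Report it instead.
		printf '%s (start|stop|restart)\n' "$0" >&2
		exit 1
		;;
esac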
