mirror of
https://github.com/telekom-security/tpotce.git
synced 2025-04-29 11:48:52 +00:00
9fea0461fc
tpot configs are now stored in /etc/tpot/ tpot related scripts are now stored /usr/share/tpot/bin some scripts are improved some scripts are cleaned of old comments spiderfoot is now part of tpot
19 lines
1 KiB
Desktop File
19 lines
1 KiB
Desktop File
[Unit]
|
|
Description=suricata
|
|
Requires=docker.service
|
|
After=docker.service
|
|
|
|
[Service]
|
|
Restart=always
|
|
ExecStartPre=-/usr/bin/docker stop suricata
|
|
ExecStartPre=-/usr/bin/docker rm -v suricata
|
|
# Get IF, disable offloading, enable promiscious mode
|
|
ExecStartPre=/bin/bash -c '/sbin/ethtool --offload $(/sbin/ip route | /bin/grep $(/bin/hostname -I | /usr/bin/awk \'{print $1 }\') | /usr/bin/awk \'{print $3 }\') rx off tx off'
|
|
ExecStartPre=/bin/bash -c '/sbin/ethtool -K $(/sbin/ip route | /bin/grep $(/bin/hostname -I | /usr/bin/awk \'{print $1 }\') | /usr/bin/awk \'{print $3 }\') gso off gro off'
|
|
ExecStartPre=/bin/bash -c '/sbin/ip link set $(/sbin/ip route | /bin/grep $(/bin/hostname -I | /usr/bin/awk \'{print $1 }\') | /usr/bin/awk \'{print $3 }\') promisc on'
|
|
ExecStartPre=/bin/bash -c '/usr/share/tpot/bin/clean.sh suricata off'
|
|
ExecStart=/usr/bin/docker run --name suricata --cap-add=NET_ADMIN --net=host --rm=true -v /data/suricata:/data/suricata dtagdevsec/suricata:1706
|
|
ExecStop=/usr/bin/docker stop suricata
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|