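#!/bin/bash
# Restart Suricata in af-packet mode on a sniffing interface.
#
# Usage: <script> <sniffnic>
#
# Runs as root (it signals suricata and manages /var/run/suricata.pid).
# We need to handle both situations:
#   - suricata built from source
#   - suricata on Alpine Linux, e.g. with wg-access-server
#
# Fixes over the previous version:
#   - `[[ ! -x $(which suricata) ]]` never fired when `which` printed nothing
#     (a bare `-x` inside [[ ]] is a non-empty-string test), so a missing
#     binary was not detected.
#   - the PID read from the pid file was passed to kill / kill -9 unchecked;
#     a stale file left over from a previous boot can name an unrelated
#     process, and `kill -9` of that PID as root is a real hazard. The PID is
#     now required to be numeric and to match a running suricata.
#   - $sniffnic is quoted on its way to ifconfig/suricata.
#   - diagnostics go to stderr.

pidfile=/var/run/suricata.pid

# Print an error to stderr and exit non-zero.
die() {
  printf 'error: %s\n' "$*" >&2
  exit 1
}

[[ -z $1 ]] && die "sniffnic?"
sniffnic=$1

# `command -v` is the portable "is it installed" check; `which` is not.
command -v suricata >/dev/null 2>&1 || die "could not find suricata in PATH $PATH"

# Echo the PID stored in $pidfile, but only if it is a plain number and is
# among the PIDs pidof reports for suricata. Returns non-zero otherwise, so a
# stale or tampered pid file never selects a kill target.
pid_from_file() {
  local pid running p
  [[ -r $pidfile ]] || return 1
  read -r pid < "$pidfile" || return 1
  [[ $pid =~ ^[0-9]+$ ]] || return 1
  running=$(pidof suricata) || return 1
  for p in $running; do
    if [[ $p == "$pid" ]]; then
      printf '%s\n' "$pid"
      return 0
    fi
  done
  return 1
}

echo -n "check process ... "
pidof suricata || echo "none"

pid=$(pid_from_file)
if [[ -n $pid ]]; then
  echo "killing suricata (pid $pid)"
  kill -TERM "$pid"
  echo -n "idling 3 second ... "
  sleep 3 && echo done
  # Only escalate if that exact PID is still alive.
  if kill -0 "$pid" 2>/dev/null; then
    echo -n "killing with SIGKILL ... "
    kill -9 "$pid" && echo done
  fi
  rm -f -- "$pidfile"
elif [[ -e $pidfile ]]; then
  echo "warning: $pidfile does not name a running suricata, ignoring it" >&2
fi

# As before: any surviving suricata (e.g. one not tracked by the pid file)
# aborts the restart rather than starting a second instance.
echo -n "check process is gone ... "
pidof suricata && exit 1
echo done

echo -n "cleaning up pid file in case of previous stale ... "
rm -f -- "$pidfile" && echo done

# self-verbose: ifconfig prints the interface and fails if it does not exist,
# which stops us from launching suricata on a bogus name.
ifconfig "$sniffnic" && suricata --af-packet -i "$sniffnic" -D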