From 4917a7284db6980cb28ae6d2d0e0e1409d2973a4 Mon Sep 17 00:00:00 2001
From: Wes Lambert <wlambertts@gmail.com>
Date: Mon, 13 Jan 2020 22:19:15 +0000
Subject: [PATCH] add initial replay wrappers

---
 salt/common/tools/sbin/so-tcpreplay         | 28 +++++++++++++++++++++
 salt/common/tools/sbin/so-tcpreplay-restart | 21 ++++++++++++++++
 salt/common/tools/sbin/so-tcpreplay-start   | 20 +++++++++++++++
 salt/common/tools/sbin/so-tcpreplay-stop    | 21 ++++++++++++++++
 4 files changed, 90 insertions(+)
 create mode 100755 salt/common/tools/sbin/so-tcpreplay
 create mode 100755 salt/common/tools/sbin/so-tcpreplay-restart
 create mode 100755 salt/common/tools/sbin/so-tcpreplay-start
 create mode 100755 salt/common/tools/sbin/so-tcpreplay-stop

diff --git a/salt/common/tools/sbin/so-tcpreplay b/salt/common/tools/sbin/so-tcpreplay
new file mode 100755
index 000000000..69cee2f68
--- /dev/null
+++ b/salt/common/tools/sbin/so-tcpreplay
@@ -0,0 +1,28 @@
+#!/bin/bash
+#
+# Copyright 2014,2015,2016,2017,2018,2019,2020 Security Onion Solutions, LLC
+#
+#    This program is free software: you can redistribute it and/or modify
+#    it under the terms of the GNU General Public License as published by
+#    the Free Software Foundation, either version 3 of the License, or
+#    (at your option) any later version.
+#
+#    This program is distributed in the hope that it will be useful,
+#    but WITHOUT ANY WARRANTY; without even the implied warranty of
+#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#    GNU General Public License for more details.
+#
+#    You should have received a copy of the GNU General Public License
+#    along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+REPLAY_ENABLED=$(docker images | grep so-tcpreplay)
+REPLAY_RUNNING=$(docker ps | grep so-tcpreplay)
+
+if  [ "$REPLAY_ENABLED" != "" ] && [ "$REPLAY_RUNNING" != "" ]; then
+   docker cp so-tcpreplay:/opt/samples /opt/samples
+   docker exec -it so-tcpreplay /usr/bin/tcpreplay -i bond0 -M10 $1
+else
+  echo "Replay functionality not enabled!  To enable, run `so-tcpreplay-start`"
+  echo
+  echo "Note that you will need internet access to download the appropiriate components"
+fi
diff --git a/salt/common/tools/sbin/so-tcpreplay-restart b/salt/common/tools/sbin/so-tcpreplay-restart
new file mode 100755
index 000000000..61e9016d0
--- /dev/null
+++ b/salt/common/tools/sbin/so-tcpreplay-restart
@@ -0,0 +1,21 @@
+#!/bin/bash
+#
+# Copyright 2014,2015,2016,2017,2018,2019,2020 Security Onion Solutions, LLC
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+. /usr/sbin/so-common
+
+/usr/sbin/so-restart tcreplay $1
+
diff --git a/salt/common/tools/sbin/so-tcpreplay-start b/salt/common/tools/sbin/so-tcpreplay-start
new file mode 100755
index 000000000..e6886b80c
--- /dev/null
+++ b/salt/common/tools/sbin/so-tcpreplay-start
@@ -0,0 +1,20 @@
+#!/bin/bash
+#
+# Copyright 2014,2015,2016,2017,2018,2019,2020 Security Onion Solutions, LLC
+#
+#    This program is free software: you can redistribute it and/or modify
+#    it under the terms of the GNU General Public License as published by
+#    the Free Software Foundation, either version 3 of the License, or
+#    (at your option) any later version.
+#
+#    This program is distributed in the hope that it will be useful,
+#    but WITHOUT ANY WARRANTY; without even the implied warranty of
+#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#    GNU General Public License for more details.
+#
+#    You should have received a copy of the GNU General Public License
+#    along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+. /usr/sbin/so-common
+
+/usr/sbin/so-start tcpreplay $1
diff --git a/salt/common/tools/sbin/so-tcpreplay-stop b/salt/common/tools/sbin/so-tcpreplay-stop
new file mode 100755
index 000000000..d12014260
--- /dev/null
+++ b/salt/common/tools/sbin/so-tcpreplay-stop
@@ -0,0 +1,21 @@
+#!/bin/bash
+
+# Copyright 2014,2015,2016,2017,2018,2019,2020 Security Onion Solutions, LLC
+
+#    This program is free software: you can redistribute it and/or modify
+#    it under the terms of the GNU General Public License as published by
+#    the Free Software Foundation, either version 3 of the License, or
+#    (at your option) any later version.
+#
+#    This program is distributed in the hope that it will be useful,
+#    but WITHOUT ANY WARRANTY; without even the implied warranty of
+#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#    GNU General Public License for more details.
+#
+#    You should have received a copy of the GNU General Public License
+#    along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+. /usr/sbin/so-common
+
+/usr/sbin/so-stop tcpreplay $1
+