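#!/bin/sh
#
# $FreeBSD$
#

# PROVIDE: pflog
# REQUIRE: FILESYSTEMS netif
# KEYWORD: nojail

# rc.d script for pflogd, the packet filter logging daemon.
#
# Usage: pflog <rc command> [instance]
#
# Variables read after load_rc_config:
#   pflog_dev, pflog_logfile       single-instance interface and log file
#   pflog_instances                optional list of instance names
#   pflog_<instance>_dev,
#   pflog_<instance>_logfile,
#   pflog_<instance>_flags         per-instance settings

. /etc/rc.subr

name="pflog"
desc="Packet filter logging interface"
rcvar="pflog_enable"
command="/sbin/pflogd"
pidfile="/var/run/pflogd.pid"
start_precmd="pflog_prestart"
stop_postcmd="pflog_poststop"
extra_commands="reload resync"

# for backward compatibility
resync_cmd="pflog_resync"

# start_precmd: load the pflog module, make sure $pflog_dev exists and is
# up, then build the pflogd command line in rc_flags.
# Returns 0 when pflogd may be started, 1 otherwise.
pflog_prestart()
{
	load_kld pflog || return 1

	# create pflog_dev interface if needed
	if ! ifconfig "$pflog_dev" > /dev/null 2>&1; then
		if ! ifconfig "$pflog_dev" create; then
			warn "could not create $pflog_dev."
			return 1
		fi
	fi

	# set pflog_dev interface to up state
	if ! ifconfig "$pflog_dev" up; then
		warn "could not bring up $pflog_dev."
		return 1
	fi

	# -p flag requires stripping pidfile's leading /var/run and trailing
	# .pid.  Parameter expansion strips only a leading "/var/run/" and a
	# literal ".pid" suffix, and avoids word splitting of the path.
	pidfile=${pidfile#/var/run/}
	pidfile=${pidfile%.pid}

	# prepare the command line for pflogd
	rc_flags="-p $pidfile -f $pflog_logfile -i $pflog_dev $rc_flags"

	# report we're ready to run pflogd
	return 0
}

# stop_postcmd: bring $pflog_dev down and, when pflog_instances is set,
# remove this instance's pidfile.
# Returns 0 on success, 1 if the interface could not be brought down.
pflog_poststop()
{
	if ! ifconfig "$pflog_dev" down; then
		warn "could not bring down $pflog_dev."
		return 1
	fi

	if [ -n "$pflog_instances" ]; then
		# Quoted and preceded by "--" so the path is always removed
		# as one operand and is never parsed as an option.
		rm -f -- "$pidfile"
	fi

	return 0
}

# for backward compatibility
pflog_resync()
{
	run_rc_command reload
}

load_rc_config "$name"

# Check if spawning multiple pflogd and told what to spawn
if [ -n "$2" ]; then
	# $2 is spliced into the variable names handed to eval and into the
	# pidfile path below, so accept only characters that are valid in a
	# shell variable name.
	case "$2" in
	*[!A-Za-z0-9_]*)
		warn "invalid pflog instance name"
		exit 1
		;;
	esac

	# Set required variables
	eval "pflog_dev=\$pflog_${2}_dev"
	eval "pflog_logfile=\$pflog_${2}_logfile"
	eval "pflog_flags=\$pflog_${2}_flags"

	# Check that required vars have non-zero length, warn if not.
	# This invocation handles exactly one instance and there is no
	# enclosing loop, so stop here instead of starting pflogd with an
	# empty device or log file.
	if [ -z "$pflog_dev" ]; then
		warn "pflog_dev not set"
		exit 1
	fi
	if [ -z "$pflog_logfile" ]; then
		warn "pflog_logfile not set"
		exit 1
	fi

	# Provide a unique pidfile name for pflogd -p <pidfile> flag
	pidfile="/var/run/pflogd.$2.pid"

	# Override service name and execute command
	name=$pflog_dev
	run_rc_command "$1"
# Check if spawning multiple pflogd and not told what to spawn
elif [ -n "$pflog_instances" ]; then
	# Iterate through requested instances; each one is handled by a
	# separate invocation of this script, which validates the name.
	for i in $pflog_instances; do
		/etc/rc.d/pflog "$1" "$i"
	done
else
	# Typical case, spawn single instance only.
	pflog_dev=${pflog_dev:-"pflog0"}
	run_rc_command "$1"
fi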