11541Srgrimes#!/bin/sh
21541Srgrimes#
31541Srgrimes#
41541Srgrimes
51541Srgrimes# PROVIDE: pflog
61541Srgrimes# REQUIRE: FILESYSTEMS netif
71541Srgrimes# KEYWORD: nojailvnet
81541Srgrimes
91541Srgrimes. /etc/rc.subr
101541Srgrimes
111541Srgrimesname="pflog"
121541Srgrimesdesc="Packet filter logging interface"
131541Srgrimesrcvar="pflog_enable"
141541Srgrimescommand="/sbin/pflogd"
151541Srgrimespidfile="/var/run/pflogd.pid"
161541Srgrimesstart_precmd="pflog_prestart"
171541Srgrimesstop_postcmd="pflog_poststop"
181541Srgrimesextra_commands="reload resync"
191541Srgrimes
201541Srgrimes# no svcj options needed
211541Srgrimes: ${pflog_svcj_options:=""}
221541Srgrimes
231541Srgrimes# for backward compatibility
241541Srgrimesresync_cmd="pflog_resync"
251541Srgrimes
261541Srgrimespflog_prestart()
271541Srgrimes{
281541Srgrimes	load_kld pflog || return 1
291541Srgrimes
301541Srgrimes	# create pflog_dev interface if needed
311541Srgrimes	if ! ifconfig $pflog_dev > /dev/null 2>&1; then
321541Srgrimes		if ! ifconfig $pflog_dev create; then
3310939Swollman			warn "could not create $pflog_dev."
3414622Sfenner			return 1
351541Srgrimes		fi
361541Srgrimes	fi
372169Spaul
382169Spaul	# set pflog_dev interface to up state
392169Spaul	if ! ifconfig $pflog_dev up; then
407280Swollman		warn "could not bring up $pflog_dev."
417280Swollman		return 1
421541Srgrimes	fi
431541Srgrimes
441541Srgrimes	# -p flag requires stripping pidfile's leading /var/run and trailing .pid
451541Srgrimes	pidfile=$(echo $pidfile | sed -e 's|/var/run/||' -e 's|.pid$||')
461541Srgrimes
471541Srgrimes	# prepare the command line for pflogd
481541Srgrimes	rc_flags="-p $pidfile -f $pflog_logfile -i $pflog_dev $rc_flags"
491541Srgrimes
501541Srgrimes	# report we're ready to run pflogd
511541Srgrimes	return 0
521541Srgrimes}
531541Srgrimes
541541Srgrimespflog_poststop()
551541Srgrimes{
561541Srgrimes	if ! ifconfig $pflog_dev down; then
571541Srgrimes		warn "could not bring down $pflog_dev."
581541Srgrimes		return 1
591541Srgrimes	fi
601541Srgrimes
611541Srgrimes	if [ "$pflog_instances" ] && [ -n "$pflog_instances" ]; then
621541Srgrimes		rm $pidfile
638876Srgrimes	fi
647280Swollman
651541Srgrimes	return 0
661541Srgrimes}
671541Srgrimes
681541Srgrimes# for backward compatibility
691541Srgrimespflog_resync()
701541Srgrimes{
711541Srgrimes	run_rc_command reload
721541Srgrimes}
731541Srgrimes
741541Srgrimesload_rc_config $name
751541Srgrimes
761541Srgrimes# precmd is not compatible with svcj
771541Srgrimespflog_svcj="NO"
783865Sswallace
793865Sswallace# Check if spawning multiple pflogd and told what to spawn
801541Srgrimesif [ -n "$2" ]; then
811541Srgrimes	# Set required variables
821541Srgrimes	eval pflog_dev=\$pflog_${2}_dev
831541Srgrimes	eval pflog_logfile=\$pflog_${2}_logfile
848876Srgrimes	eval pflog_flags=\$pflog_${2}_flags
851541Srgrimes	# Check that required vars have non-zero length, warn if not.
861541Srgrimes	if [ -z $pflog_dev ]; then
871541Srgrimes		warn "pflog_dev not set"
887090Sbde		continue
897090Sbde	fi
907090Sbde	if [ -z $pflog_logfile ]; then
917090Sbde		warn "pflog_logfile not set"
927090Sbde		continue
931541Srgrimes	fi
941541Srgrimes
951541Srgrimes	# Provide a unique pidfile name for pflogd -p <pidfile> flag
961541Srgrimes	pidfile="/var/run/pflogd.$2.pid"
971541Srgrimes
981541Srgrimes	# Override service name and execute command
991541Srgrimes	name=$pflog_dev
1001541Srgrimes	run_rc_command "$1"
1011541Srgrimes# Check if spawning multiple pflogd and not told what to spawn
1021541Srgrimeselif [ "$pflog_instances" ] && [ -n "$pflog_instances" ]; then
1031541Srgrimes	# Interate through requested instances.
1041541Srgrimes	for i in $pflog_instances; do
1053865Sswallace		/etc/rc.d/pflog $1 $i
1063865Sswallace	done
1071541Srgrimeselse
1081541Srgrimes	# Typical case, spawn single instance only.
10913200Swollman	pflog_dev=${pflog_dev:-"pflog0"}
11013200Swollman	run_rc_command "$1"
11113200Swollmanfi
11213200Swollman