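#!/bin/sh
#
#

# PROVIDE: pflog
# REQUIRE: FILESYSTEMS netif
# KEYWORD: nojailvnet

# rc.d script for pflogd, the packet filter logging daemon.
#
# Usage: pflog <command> [instance]
#   With an instance argument, the device, logfile and flags are read from
#   pflog_<instance>_dev, pflog_<instance>_logfile and pflog_<instance>_flags.
#   Without one, every name listed in pflog_instances is handled by
#   re-invoking this script; if pflog_instances is empty a single instance
#   on pflog0 (or $pflog_dev) is managed.
#
# warn, load_kld, load_rc_config and run_rc_command are not defined in this
# file; they are expected to come from /etc/rc.subr, sourced below.

. /etc/rc.subr

name="pflog"
desc="Packet filter logging interface"
rcvar="pflog_enable"
command="/sbin/pflogd"
pidfile="/var/run/pflogd.pid"
start_precmd="pflog_prestart"
stop_postcmd="pflog_poststop"
extra_commands="reload resync"

# for backward compatibility
resync_cmd="pflog_resync"

# pflog_prestart: start_precmd hook.
# Loads the pflog kernel module, creates $pflog_dev if querying it fails,
# brings it up, and prepends the -p/-f/-i options to rc_flags.
# Reads:    pflog_dev, pflog_logfile, pidfile, rc_flags
# Writes:   pidfile (rewritten to the short form used with -p), rc_flags
# Returns:  0 when ready to start pflogd, 1 on any failure
pflog_prestart()
{
	load_kld pflog || return 1

	# create pflog_dev interface if needed
	if ! ifconfig "$pflog_dev" > /dev/null 2>&1; then
		if ! ifconfig "$pflog_dev" create; then
			warn "could not create $pflog_dev."
			return 1
		fi
	fi

	# set pflog_dev interface to up state
	if ! ifconfig "$pflog_dev" up; then
		warn "could not bring up $pflog_dev."
		return 1
	fi

	# -p flag requires stripping pidfile's leading /var/run and trailing .pid
	# Parameter expansion strips exactly that prefix and that literal
	# suffix; the sed pattern used before left the dot unescaped, so it
	# matched any character in front of "pid".
	pidfile=${pidfile#/var/run/}
	pidfile=${pidfile%.pid}

	# prepare the command line for pflogd
	# rc_flags is a flag string that gets word-split later, so the values
	# are deliberately joined with spaces here.
	rc_flags="-p $pidfile -f $pflog_logfile -i $pflog_dev $rc_flags"

	# report we're ready to run pflogd
	return 0
}

# pflog_poststop: stop_postcmd hook.
# Brings $pflog_dev down and, when pflog_instances is set, removes the
# per-instance pidfile.
# Returns:  0 on success, 1 if the interface could not be brought down
pflog_poststop()
{
	if ! ifconfig "$pflog_dev" down; then
		warn "could not bring down $pflog_dev."
		return 1
	fi

	if [ -n "$pflog_instances" ]; then
		# Quoted and preceded by -- so the path is passed to rm as
		# exactly one operand and never parsed as an option.
		rm -- "$pidfile"
	fi

	return 0
}

# for backward compatibility
# pflog_resync: "resync" is kept as an alias for "reload".
pflog_resync()
{
	run_rc_command reload
}

load_rc_config "$name"

# Check if spawning multiple pflogd and told what to spawn
if [ -n "$2" ]; then
	# The instance name is spliced into the eval statements below, and
	# this script normally runs with root privileges. Accept only the
	# characters that can appear in a shell variable name, so that the
	# argument can never be evaluated as shell code.
	case "$2" in
	*[!A-Za-z0-9_]*)
		warn "invalid pflog instance name: $2"
		exit 1
		;;
	esac

	# Set required variables
	eval "pflog_dev=\$pflog_${2}_dev"
	eval "pflog_logfile=\$pflog_${2}_logfile"
	eval "pflog_flags=\$pflog_${2}_flags"

	# Check that required vars have non-zero length, warn if not.
	# These checks used "continue", but there is no enclosing loop in
	# this branch, so nothing stopped the script from going on with an
	# empty device or logfile. Exit instead.
	if [ -z "$pflog_dev" ]; then
		warn "pflog_dev not set"
		exit 1
	fi
	if [ -z "$pflog_logfile" ]; then
		warn "pflog_logfile not set"
		exit 1
	fi

	# Provide a unique pidfile name for pflogd -p <pidfile> flag
	pidfile="/var/run/pflogd.$2.pid"

	# Override service name and execute command
	name=$pflog_dev
	run_rc_command "$1"
# Check if spawning multiple pflogd and not told what to spawn
elif [ -n "$pflog_instances" ]; then
	# Iterate through requested instances.
	# pflog_instances is left unquoted on purpose: it is a
	# whitespace-separated list. Each name is validated by the
	# re-invoked script before it reaches eval.
	for i in $pflog_instances; do
		/etc/rc.d/pflog "$1" "$i"
	done
else
	# Typical case, spawn single instance only.
	pflog_dev=${pflog_dev:-"pflog0"}
	run_rc_command "$1"
fi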