pflogd/pflogd.Solaris/firewall-pflog.xml

5563N/A<?xml version="1.0"?>
5563N/A<!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1">
5563N/A<!--
5563N/A
5563N/A CDDL HEADER START
5563N/A
5563N/A The contents of this file are subject to the terms of the
5563N/A Common Development and Distribution License (the "License").
5563N/A You may not use this file except in compliance with the License.
5563N/A
5563N/A You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
5563N/A or http://www.opensolaris.org/os/licensing.
5563N/A See the License for the specific language governing permissions
5563N/A and limitations under the License.
5563N/A
5563N/A When distributing Covered Code, include this CDDL HEADER in each
5563N/A file and include the License file at usr/src/OPENSOLARIS.LICENSE.
5563N/A If applicable, add the following below this CDDL HEADER, with the
5563N/A fields enclosed by brackets "[]" replaced with your own identifying
5563N/A information: Portions Copyright [yyyy] [name of copyright owner]
5563N/A
5563N/A CDDL HEADER END
5563N/A
5563N/A Copyright (c) 2014, 2016, Oracle and/or its affiliates. All rights reserved.
5563N/A
5563N/A    NOTE:  This service manifest is not editable; its contents will
5563N/A    be overwritten by package or patch operations, including
5563N/A    operating system upgrade.  Make customizations in a different
5563N/A    file.
5563N/A-->
5563N/A
5563N/A<service_bundle type='manifest' name='network/firewall/pflog' >
5563N/A
5563N/A<service
5563N/A    name='network/firewall/pflog'
5563N/A    type='service'
5563N/A    version='1'>
5563N/A    <method_context>
5563N/A        <method_credential
5563N/A            user='daemon'
5563N/A            group='daemon'
5563N/A            privileges='basic,!file_write,!file_link_any,!proc_info,!proc_session,!net_access,net_observability,sys_ip_config,{file_write}:/var/log/firewall/*'
5563N/A        />
5563N/A    </method_context>
5563N/A
5563N/A    <exec_method
5563N/A        type='method'
5563N/A        name='start'
5563N/A        exec='/lib/svc/method/pflog start "%{pflog/logfile}" "%{pflog/snaplen}" "%{pflog/interface}" "%{pflog/delay}" "%{pflog/filter}"'
5563N/A        timeout_seconds='30'>
5563N/A    </exec_method>
5563N/A
5563N/A    <exec_method
5563N/A        type='method'
5563N/A        name='stop'
5563N/A        exec=':kill'
5563N/A        timeout_seconds='60'>
5563N/A    </exec_method>
5563N/A
5563N/A    <exec_method
5563N/A        type='method'
5563N/A        name='refresh'
5563N/A        exec=':kill -HUP'
5563N/A        timeout_seconds='5'>
5563N/A    </exec_method>
5563N/A
5563N/A    <instance name='default' enabled='false' complete='true'>
5563N/A        <property_group name="general" type="framework">
5563N/A            <propval
5563N/A                name='action_authorization'
5563N/A                type='astring'
5563N/A                value='solaris.smf.manage.network.firewall' />
5563N/A            <propval
5563N/A                name='value_authorization'
5563N/A                type='astring'
5563N/A                value='solaris.smf.manage.network.firewall' />
5563N/A        </property_group>
5563N/A        <property_group name='pflog' type='application'>
5563N/A            <propval
5563N/A                name='logfile'
5563N/A                type='astring'
5563N/A                value='/var/log/firewall/pflog/pflog0.pkt' />
5563N/A            <propval name='snaplen' type='integer' value='160' />
5563N/A            <propval
5563N/A                name='interface'
5563N/A                type='astring'
5563N/A                value='pflog0' />
5563N/A            <propval name='delay' type='integer' value='60' />
5563N/A            <propval name='filter' type='astring' value='' />
5563N/A            <propval
5563N/A                name='value_authorization'
5563N/A                type='astring'
5563N/A                value='solaris.smf.value.network.firewall' />
5563N/A        </property_group>
5563N/A    </instance>
5563N/A
5563N/A    <stability value='Unstable' />
5563N/A
5563N/A    <template>
5563N/A        <common_name>
5563N/A            <loctext xml:lang='C'>
5563N/A            pflog - PF log daemon
5563N/A            </loctext>
5563N/A        </common_name>
5563N/A        <documentation>
5563N/A            <manpage title='pflogd' section='1M' manpath='/usr/share/man' />
5563N/A        </documentation>
5563N/A        <pg_pattern name="pflog" type="application" target="instance" required="true">
5563N/A            <prop_pattern name="logfile" type="astring" required="true">
5563N/A                <cardinality min="1" max="1"/>
5563N/A            </prop_pattern>
5563N/A            <prop_pattern name="snaplen" type="integer" required="true">
5563N/A                <cardinality min="1" max="1"/>
5563N/A                <constraints>
5563N/A                    <range min="0" max="2147483647"/>
5563N/A                </constraints>
5563N/A            </prop_pattern>
5563N/A            <prop_pattern name="interface" type="astring" required="true">
5563N/A                <cardinality min="1" max="1"/>
5563N/A            </prop_pattern>
5563N/A            <prop_pattern name="delay" type="integer" required="true">
5563N/A                <cardinality min="1" max="1"/>
5563N/A                <constraints>
5563N/A                    <range min="5" max="3600"/>
5563N/A                </constraints>
5563N/A            </prop_pattern>
5563N/A            <prop_pattern name="filter" type="astring" required="true">
5563N/A                <cardinality min="0" max="1"/>
5563N/A            </prop_pattern>
5563N/A            <prop_pattern name="value_authorization" type="astring">
5563N/A            </prop_pattern>
5563N/A        </pg_pattern>
5563N/A    </template>
5563N/A</service>
5563N/A
5563N/A</service_bundle>