pflogd/pflogd.Solaris/firewall-pflog.xml

	firewall-pflog.xml revision 5563
98N/A<?xml version="1.0"?>
98N/A<!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1">
910N/A<!--
753N/A
98N/A CDDL HEADER START
98N/A
98N/A The contents of this file are subject to the terms of the
98N/A Common Development and Distribution License (the "License").
98N/A You may not use this file except in compliance with the License.
98N/A
98N/A You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
98N/A or http://www.opensolaris.org/os/licensing.
98N/A See the License for the specific language governing permissions
98N/A and limitations under the License.
98N/A
98N/A When distributing Covered Code, include this CDDL HEADER in each
98N/A file and include the License file at usr/src/OPENSOLARIS.LICENSE.
98N/A If applicable, add the following below this CDDL HEADER, with the
98N/A fields enclosed by brackets "[]" replaced with your own identifying
98N/A information: Portions Copyright [yyyy] [name of copyright owner]
98N/A
98N/A CDDL HEADER END
98N/A
98N/A Copyright (c) 2014, 2016, Oracle and/or its affiliates. All rights reserved.
98N/A
98N/A    NOTE:  This service manifest is not editable; its contents will
98N/A    be overwritten by package or patch operations, including
98N/A    operating system upgrade.  Make customizations in a different
98N/A    file.
98N/A-->
98N/A
493N/A<service_bundle type='manifest' name='network/firewall/pflog' >
493N/A
98N/A<service
98N/A    name='network/firewall/pflog'
753N/A    type='service'
493N/A    version='1'>
911N/A    <method_context>
911N/A        <method_credential
911N/A            user='daemon'
911N/A            group='daemon'
493N/A            privileges='basic,!file_write,!file_link_any,!proc_info,!proc_session,!net_access,net_observability,sys_ip_config,{file_write}:/var/log/firewall/*'
493N/A        />
493N/A    </method_context>
493N/A
98N/A    <exec_method
98N/A        type='method'
493N/A        name='start'
493N/A        exec='/lib/svc/method/pflog start "%{pflog/logfile}" "%{pflog/snaplen}" "%{pflog/interface}" "%{pflog/delay}" "%{pflog/filter}"'
98N/A        timeout_seconds='30'>
98N/A    </exec_method>
156N/A
156N/A    <exec_method
98N/A        type='method'
98N/A        name='stop'
98N/A        exec=':kill'
606N/A        timeout_seconds='60'>
606N/A    </exec_method>
98N/A
98N/A    <exec_method
98N/A        type='method'
98N/A        name='refresh'
98N/A        exec=':kill -HUP'
606N/A        timeout_seconds='5'>
851N/A    </exec_method>
493N/A
98N/A    <instance name='default' enabled='false' complete='true'>
98N/A        <property_group name="general" type="framework">
851N/A            <propval
493N/A                name='action_authorization'
231N/A                type='astring'
231N/A                value='solaris.smf.manage.network.firewall' />
851N/A            <propval
493N/A                name='value_authorization'
98N/A                type='astring'
98N/A                value='solaris.smf.manage.network.firewall' />
493N/A        </property_group>
98N/A        <property_group name='pflog' type='application'>
98N/A            <propval
98N/A                name='logfile'
98N/A                type='astring'
98N/A                value='/var/log/firewall/pflog/pflog0.pkt' />
98N/A            <propval name='snaplen' type='integer' value='160' />
851N/A            <propval
851N/A                name='interface'
659N/A                type='astring'
378N/A                value='pflog0' />
659N/A            <propval name='delay' type='integer' value='60' />
378N/A            <propval name='filter' type='astring' value='' />
606N/A            <propval
493N/A                name='value_authorization'
606N/A                type='astring'
493N/A                value='solaris.smf.value.network.firewall' />
606N/A        </property_group>
493N/A    </instance>
98N/A
493N/A    <stability value='Unstable' />
606N/A
606N/A    <template>
98N/A        <common_name>
493N/A            <loctext xml:lang='C'>
606N/A            pflog - PF log daemon
606N/A            </loctext>
98N/A        </common_name>
98N/A        <documentation>
493N/A            <manpage title='pflogd' section='1M' manpath='/usr/share/man' />
606N/A        </documentation>
606N/A        <pg_pattern name="pflog" type="application" target="instance" required="true">
98N/A            <prop_pattern name="logfile" type="astring" required="true">
98N/A                <cardinality min="1" max="1"/>
493N/A            </prop_pattern>
98N/A            <prop_pattern name="snaplen" type="integer" required="true">
606N/A                <cardinality min="1" max="1"/>
606N/A                <constraints>
231N/A                    <range min="0" max="2147483647"/>
606N/A                </constraints>
606N/A            </prop_pattern>
231N/A            <prop_pattern name="interface" type="astring" required="true">
231N/A                <cardinality min="1" max="1"/>
606N/A            </prop_pattern>
606N/A            <prop_pattern name="delay" type="integer" required="true">
231N/A                <cardinality min="1" max="1"/>
231N/A                <constraints>
606N/A                    <range min="5" max="3600"/>
606N/A                </constraints>
98N/A            </prop_pattern>
98N/A            <prop_pattern name="filter" type="astring" required="true">
                <cardinality min="0" max="1"/>
            </prop_pattern>
            <prop_pattern name="value_authorization" type="astring">
            </prop_pattern>
        </pg_pattern>
    </template>
</service>

</service_bundle>