pflog revision 5563
5563N/A#!/sbin/sh
5563N/A#
5563N/A#
5563N/A# CDDL HEADER START
5563N/A#
5563N/A# The contents of this file are subject to the terms of the
5563N/A# Common Development and Distribution License (the "License").
5563N/A# You may not use this file except in compliance with the License.
5563N/A#
5563N/A# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
5563N/A# or http://www.opensolaris.org/os/licensing.
5563N/A# See the License for the specific language governing permissions
5563N/A# and limitations under the License.
5563N/A#
5563N/A# When distributing Covered Code, include this CDDL HEADER in each
5563N/A# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
5563N/A# If applicable, add the following below this CDDL HEADER, with the
5563N/A# fields enclosed by brackets "[]" replaced with your own identifying
5563N/A# information: Portions Copyright [yyyy] [name of copyright owner]
5563N/A#
5563N/A# CDDL HEADER END
5563N/A#
5563N/A#
5563N/A# Copyright (c) 2014, 2016, Oracle and/or its affiliates. All rights reserved.
5563N/A#
5563N/A
5563N/A. /lib/svc/share/smf_include.sh
5563N/A
5563N/APATH=$PATH:/usr/sbin
5563N/A
5563N/A# Retrieve an unescaped property value from a method token.
5563N/A# Arguments:
5563N/A# - raw method token value
5563N/A# Outputs:
5563N/A# - unescaped property value
5563N/A# Returns:
5563N/A# - 0 on succes
5563N/A# - 1 when unescaping failed
5563N/A# - 2 when the value is empty
5563N/Afunction get_property
5563N/A{
5563N/A VALUE="$(echo "$1" | /usr/bin/sed 's/\\\(.\)/\1/g')"
5563N/A
5563N/A if [[ $? -ne 0 ]]; then
5563N/A exit 1
5563N/A fi
5563N/A
5563N/A echo "$VALUE"
5563N/A}
5563N/A
5563N/Afunction failure
5563N/A{
5563N/A echo "An unknown error occurred. Probably either /usr/bin/sed is"
5563N/A echo "missing or system resources are exhausted."
5563N/A exit $SMF_EXIT_ERR_FATAL
5563N/A}
5563N/A
5563N/A# store and unescape property values
5563N/APFLOGD_LOGFILE="$(get_property "$2")" || failure
5563N/APFLOGD_SNAPLEN="$(get_property "$3")" || failure
5563N/APFLOGD_IFACE="$(get_property "$4")" || failure
5563N/APFLOGD_DELAY="$(get_property "$5")" || failure
5563N/APFLOGD_FILTER="$(get_property "$6")" || failure
5563N/A
5563N/A# check property values for emptiness (pflog/filter may be empty)
5563N/Aif [[ -z $PFLOGD_LOGFILE ]]; then
5563N/A echo "The pflog/logfile property cannot be empty."
5563N/A exit $SMF_EXIT_ERR_FATAL
5563N/Afi
5563N/Aif [[ -z $PFLOGD_SNAPLEN ]]; then
5563N/A echo "The pflog/snaplen property cannot be empty."
5563N/A exit $SMF_EXIT_ERR_FATAL
5563N/Afi
5563N/Aif [[ -z $PFLOGD_IFACE ]]; then
5563N/A echo "The pflog/interface property cannot be empty."
5563N/A exit $SMF_EXIT_ERR_FATAL
5563N/Afi
5563N/Aif [[ -z $PFLOGD_DELAY ]]; then
5563N/A echo "The pflog/delay property cannot be empty."
5563N/A exit $SMF_EXIT_ERR_FATAL
5563N/Afi
5563N/A
5563N/Acase "$1" in
5563N/A start)
5563N/A # Create non-persistent capture link if it does not exist.
5563N/A echo "Checking if capture link exists.."
5563N/A dladm show-cap "$PFLOGD_IFACE"
5563N/A if [[ $? -ne 0 ]] ; then
5563N/A echo "Creating a temporary capture link.."
5563N/A dladm create-cap -t "$PFLOGD_IFACE"
5563N/A if [ $? -ne 0 ] ; then
5563N/A exit $SMF_EXIT_ERR_FATAL
5563N/A fi
5563N/A fi
5563N/A
5563N/A # Start the daemon.
5563N/A smf_clear_env
5563N/A pflogd -i "$PFLOGD_IFACE" -s "$PFLOGD_SNAPLEN" \
5563N/A -f "$PFLOGD_LOGFILE" -d "$PFLOGD_DELAY" "$PFLOGD_FILTER"
5563N/A if [[ $? -ne 0 ]] ; then
5563N/A exit $SMF_EXIT_ERR_FATAL
5563N/A fi
5563N/A ;;
5563N/A
5563N/A *)
5563N/A echo "Usage: $0 \c" >&2
5563N/A echo "(start)" >&2
5563N/A exit 1
5563N/A ;;
5563N/A
5563N/Aesac
5563N/A
5563N/Aexit $SMF_EXIT_OK