1 <?xml version="1.0"?>

     2 <!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1">

     3 <!--

     4 

     5  CDDL HEADER START

     6 

     7  The contents of this file are subject to the terms of the

     8  Common Development and Distribution License (the "License").

     9  You may not use this file except in compliance with the License.

    10 

    11  You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE

    12  or http://www.opensolaris.org/os/licensing.

    13  See the License for the specific language governing permissions

    14  and limitations under the License.

    15 

    16  When distributing Covered Code, include this CDDL HEADER in each

    17  file and include the License file at usr/src/OPENSOLARIS.LICENSE.

    18  If applicable, add the following below this CDDL HEADER, with the

    19  fields enclosed by brackets "[]" replaced with your own identifying

    20  information: Portions Copyright [yyyy] [name of copyright owner]

    21 

    22  CDDL HEADER END

    23 

    24  Copyright (c) 2014, 2016, Oracle and/or its affiliates. All rights reserved.

    25 

    26     NOTE:  This service manifest is not editable; its contents will

    27     be overwritten by package or patch operations, including

    28     operating system upgrade.  Make customizations in a different

    29     file.

    30 -->

    31 

    32 <service_bundle type='manifest' name='network/firewall/pflog' >

    33 

    34 <service

    35     name='network/firewall/pflog'

    36     type='service'

    37     version='1'>

    38 	<method_context>

    39 		<method_credential

    40 		    user='daemon'

    41 		    group='daemon'

    42 		    privileges='basic,!file_write,!file_link_any,!proc_info,!proc_session,!net_access,net_observability,sys_ip_config,{file_write}:/var/log/firewall/*'

    43 		/>

    44 	</method_context>

    45 

    46 	<exec_method 

    47 	    type='method' 

    48 	    name='start'

    49 	    exec='/lib/svc/method/pflog start "%{pflog/logfile}" "%{pflog/snaplen}" "%{pflog/interface}" "%{pflog/delay}" "%{pflog/filter}"'

    50 	    timeout_seconds='30'>

    51 	</exec_method>

    52 

    53 	<exec_method 

    54 	    type='method' 

    55 	    name='stop'

    56 	    exec=':kill'

    57 	    timeout_seconds='60'>

    58 	</exec_method>

    59 

    60 	<exec_method

    61 	    type='method'

    62 	    name='refresh'

    63 	    exec=':kill -HUP'

    64 	    timeout_seconds='5'>

    65 	</exec_method>

    66 

    67 	<instance name='default' enabled='false' complete='true'>

    68 		<property_group name="general" type="framework">

    69 			<propval

    70 			    name='action_authorization'

    71 			    type='astring'

    72 			    value='solaris.smf.manage.network.firewall' />

    73 			<propval

    74 			    name='value_authorization'

    75 			    type='astring'

    76 			    value='solaris.smf.manage.network.firewall' />

    77 		</property_group>

    78 		<property_group name='pflog' type='application'>

    79 			<propval

    80 			    name='logfile'

    81 			    type='astring'

    82 			    value='/var/log/firewall/pflog/pflog0.pkt' />

    83 			<propval name='snaplen' type='integer' value='160' />

    84 			<propval

    85 			    name='interface'

    86 			    type='astring'

    87 			    value='pflog0' />

    88 			<propval name='delay' type='integer' value='60' />

    89 			<propval name='filter' type='astring' value='' />

    90 			<propval

    91 			    name='value_authorization'

    92 			    type='astring'

    93 			    value='solaris.smf.value.network.firewall' />

    94 		</property_group>

    95 	</instance>

    96 

    97 	<stability value='Unstable' />

    98 

    99 	<template>

   100 		<common_name>

   101 			<loctext xml:lang='C'>

   102 			pflog - PF log daemon 

   103 			</loctext>

   104 		</common_name>

   105 		<documentation>

   106 			<manpage title='pflogd' section='1M' manpath='/usr/share/man' />

   107 		</documentation>

   108 		<pg_pattern name="pflog" type="application" target="instance" required="true">

   109 			<prop_pattern name="logfile" type="astring" required="true">

   110 				<cardinality min="1" max="1"/>

   111 			</prop_pattern>

   112 			<prop_pattern name="snaplen" type="integer" required="true">

   113 				<cardinality min="1" max="1"/>

   114 				<constraints>

   115 					<range min="0" max="2147483647"/>

   116 				</constraints>

   117 			</prop_pattern>

   118 			<prop_pattern name="interface" type="astring" required="true">

   119 				<cardinality min="1" max="1"/>

   120 			</prop_pattern>

   121 			<prop_pattern name="delay" type="integer" required="true">

   122 				<cardinality min="1" max="1"/>

   123 				<constraints>

   124 					<range min="5" max="3600"/>

   125 				</constraints>

   126 			</prop_pattern>

   127 			<prop_pattern name="filter" type="astring" required="true">

   128 				<cardinality min="0" max="1"/>

   129 			</prop_pattern>

   130 			<prop_pattern name="value_authorization" type="astring">

   131 			</prop_pattern>

   132 		</pg_pattern>

   133 	</template>

   134 </service>

   135 

   136 </service_bundle>