1 <?xml version="1.0"?> |
|
2 <!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1"> |
|
3 <!-- |
|
4 |
|
5 CDDL HEADER START |
|
6 |
|
7 The contents of this file are subject to the terms of the |
|
8 Common Development and Distribution License (the "License"). |
|
9 You may not use this file except in compliance with the License. |
|
10 |
|
11 You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE |
|
12 or http://www.opensolaris.org/os/licensing. |
|
13 See the License for the specific language governing permissions |
|
14 and limitations under the License. |
|
15 |
|
16 When distributing Covered Code, include this CDDL HEADER in each |
|
17 file and include the License file at usr/src/OPENSOLARIS.LICENSE. |
|
18 If applicable, add the following below this CDDL HEADER, with the |
|
19 fields enclosed by brackets "[]" replaced with your own identifying |
|
20 information: Portions Copyright [yyyy] [name of copyright owner] |
|
21 |
|
22 CDDL HEADER END |
|
23 |
|
24 Copyright (c) 2014, 2016, Oracle and/or its affiliates. All rights reserved. |
|
25 |
|
26 NOTE: This service manifest is not editable; its contents will |
|
27 be overwritten by package or patch operations, including |
|
28 operating system upgrade. Make customizations in a different |
|
29 file. |
|
30 --> |
|
31 |
|
32 <service_bundle type='manifest' name='network/firewall/pflog' > |
|
33 |
|
34 <service |
|
35 name='network/firewall/pflog' |
|
36 type='service' |
|
37 version='1'> |
|
38 <method_context> |
|
39 <method_credential |
|
40 user='daemon' |
|
41 group='daemon' |
|
42 privileges='basic,!file_write,!file_link_any,!proc_info,!proc_session,!net_access,net_observability,sys_ip_config,{file_write}:/var/log/firewall/*' |
|
43 /> |
|
44 </method_context> |
|
45 |
|
46 <exec_method |
|
47 type='method' |
|
48 name='start' |
|
49 exec='/lib/svc/method/pflog start "%{pflog/logfile}" "%{pflog/snaplen}" "%{pflog/interface}" "%{pflog/delay}" "%{pflog/filter}"' |
|
50 timeout_seconds='30'> |
|
51 </exec_method> |
|
52 |
|
53 <exec_method |
|
54 type='method' |
|
55 name='stop' |
|
56 exec=':kill' |
|
57 timeout_seconds='60'> |
|
58 </exec_method> |
|
59 |
|
60 <exec_method |
|
61 type='method' |
|
62 name='refresh' |
|
63 exec=':kill -HUP' |
|
64 timeout_seconds='5'> |
|
65 </exec_method> |
|
66 |
|
67 <instance name='default' enabled='false' complete='true'> |
|
68 <property_group name="general" type="framework"> |
|
69 <propval |
|
70 name='action_authorization' |
|
71 type='astring' |
|
72 value='solaris.smf.manage.network.firewall' /> |
|
73 <propval |
|
74 name='value_authorization' |
|
75 type='astring' |
|
76 value='solaris.smf.manage.network.firewall' /> |
|
77 </property_group> |
|
78 <property_group name='pflog' type='application'> |
|
79 <propval |
|
80 name='logfile' |
|
81 type='astring' |
|
82 value='/var/log/firewall/pflog/pflog0.pkt' /> |
|
83 <propval name='snaplen' type='integer' value='160' /> |
|
84 <propval |
|
85 name='interface' |
|
86 type='astring' |
|
87 value='pflog0' /> |
|
88 <propval name='delay' type='integer' value='60' /> |
|
89 <propval name='filter' type='astring' value='' /> |
|
90 <propval |
|
91 name='value_authorization' |
|
92 type='astring' |
|
93 value='solaris.smf.value.network.firewall' /> |
|
94 </property_group> |
|
95 </instance> |
|
96 |
|
97 <stability value='Unstable' /> |
|
98 |
|
99 <template> |
|
100 <common_name> |
|
101 <loctext xml:lang='C'> |
|
102 pflog - PF log daemon |
|
103 </loctext> |
|
104 </common_name> |
|
105 <documentation> |
|
106 <manpage title='pflogd' section='1M' manpath='/usr/share/man' /> |
|
107 </documentation> |
|
108 <pg_pattern name="pflog" type="application" target="instance" required="true"> |
|
109 <prop_pattern name="logfile" type="astring" required="true"> |
|
110 <cardinality min="1" max="1"/> |
|
111 </prop_pattern> |
|
112 <prop_pattern name="snaplen" type="integer" required="true"> |
|
113 <cardinality min="1" max="1"/> |
|
114 <constraints> |
|
115 <range min="0" max="2147483647"/> |
|
116 </constraints> |
|
117 </prop_pattern> |
|
118 <prop_pattern name="interface" type="astring" required="true"> |
|
119 <cardinality min="1" max="1"/> |
|
120 </prop_pattern> |
|
121 <prop_pattern name="delay" type="integer" required="true"> |
|
122 <cardinality min="1" max="1"/> |
|
123 <constraints> |
|
124 <range min="5" max="3600"/> |
|
125 </constraints> |
|
126 </prop_pattern> |
|
127 <prop_pattern name="filter" type="astring" required="true"> |
|
128 <cardinality min="0" max="1"/> |
|
129 </prop_pattern> |
|
130 <prop_pattern name="value_authorization" type="astring"> |
|
131 </prop_pattern> |
|
132 </pg_pattern> |
|
133 </template> |
|
134 </service> |
|
135 |
|
136 </service_bundle> |
|