--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/components/pflogd/pflogd.Solaris/firewall-pflog.xml Thu Mar 17 00:08:54 2016 -0700
@@ -0,0 +1,136 @@
+<?xml version="1.0"?>
+<!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1">
+<!--
+
+ CDDL HEADER START
+
+ The contents of this file are subject to the terms of the
+ Common Development and Distribution License (the "License").
+ You may not use this file except in compliance with the License.
+
+ You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+ or http://www.opensolaris.org/os/licensing.
+ See the License for the specific language governing permissions
+ and limitations under the License.
+
+ When distributing Covered Code, include this CDDL HEADER in each
+ file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+ If applicable, add the following below this CDDL HEADER, with the
+ fields enclosed by brackets "[]" replaced with your own identifying
+ information: Portions Copyright [yyyy] [name of copyright owner]
+
+ CDDL HEADER END
+
+ Copyright (c) 2014, 2016, Oracle and/or its affiliates. All rights reserved.
+
+ NOTE: This service manifest is not editable; its contents will
+ be overwritten by package or patch operations, including
+ operating system upgrade. Make customizations in a different
+ file.
+-->
+
+<service_bundle type='manifest' name='network/firewall/pflog' >
+
+<service
+ name='network/firewall/pflog'
+ type='service'
+ version='1'>
+ <method_context>
+ <method_credential
+ user='daemon'
+ group='daemon'
+ privileges='basic,!file_write,!file_link_any,!proc_info,!proc_session,!net_access,net_observability,sys_ip_config,{file_write}:/var/log/firewall/*'
+ />
+ </method_context>
+
+ <exec_method
+ type='method'
+ name='start'
+ exec='/lib/svc/method/pflog start "%{pflog/logfile}" "%{pflog/snaplen}" "%{pflog/interface}" "%{pflog/delay}" "%{pflog/filter}"'
+ timeout_seconds='30'>
+ </exec_method>
+
+ <exec_method
+ type='method'
+ name='stop'
+ exec=':kill'
+ timeout_seconds='60'>
+ </exec_method>
+
+ <exec_method
+ type='method'
+ name='refresh'
+ exec=':kill -HUP'
+ timeout_seconds='5'>
+ </exec_method>
+
+ <instance name='default' enabled='false' complete='true'>
+ <property_group name="general" type="framework">
+ <propval
+ name='action_authorization'
+ type='astring'
+ value='solaris.smf.manage.network.firewall' />
+ <propval
+ name='value_authorization'
+ type='astring'
+ value='solaris.smf.manage.network.firewall' />
+ </property_group>
+ <property_group name='pflog' type='application'>
+ <propval
+ name='logfile'
+ type='astring'
+ value='/var/log/firewall/pflog/pflog0.pkt' />
+ <propval name='snaplen' type='integer' value='160' />
+ <propval
+ name='interface'
+ type='astring'
+ value='pflog0' />
+ <propval name='delay' type='integer' value='60' />
+ <propval name='filter' type='astring' value='' />
+ <propval
+ name='value_authorization'
+ type='astring'
+ value='solaris.smf.value.network.firewall' />
+ </property_group>
+ </instance>
+
+ <stability value='Unstable' />
+
+ <template>
+ <common_name>
+ <loctext xml:lang='C'>
+ pflog - PF log daemon
+ </loctext>
+ </common_name>
+ <documentation>
+ <manpage title='pflogd' section='1M' manpath='/usr/share/man' />
+ </documentation>
+ <pg_pattern name="pflog" type="application" target="instance" required="true">
+ <prop_pattern name="logfile" type="astring" required="true">
+ <cardinality min="1" max="1"/>
+ </prop_pattern>
+ <prop_pattern name="snaplen" type="integer" required="true">
+ <cardinality min="1" max="1"/>
+ <constraints>
+ <range min="0" max="2147483647"/>
+ </constraints>
+ </prop_pattern>
+ <prop_pattern name="interface" type="astring" required="true">
+ <cardinality min="1" max="1"/>
+ </prop_pattern>
+ <prop_pattern name="delay" type="integer" required="true">
+ <cardinality min="1" max="1"/>
+ <constraints>
+ <range min="5" max="3600"/>
+ </constraints>
+ </prop_pattern>
+ <prop_pattern name="filter" type="astring" required="true">
+ <cardinality min="0" max="1"/>
+ </prop_pattern>
+ <prop_pattern name="value_authorization" type="astring">
+ </prop_pattern>
+ </pg_pattern>
+ </template>
+</service>
+
+</service_bundle>