<?xml version="1.0"?>
<!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1">
<!--
CDDL HEADER START
The contents of this file are subject to the terms of the
Common Development and Distribution License (the "License").
You may not use this file except in compliance with the License.
You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
or http://www.opensolaris.org/os/licensing.
See the License for the specific language governing permissions
and limitations under the License.
When distributing Covered Code, include this CDDL HEADER in each
file and include the License file at usr/src/OPENSOLARIS.LICENSE.
If applicable, add the following below this CDDL HEADER, with the
fields enclosed by brackets "[]" replaced with your own identifying
information: Portions Copyright [yyyy] [name of copyright owner]
CDDL HEADER END
Copyright (c) 2014, 2016, Oracle and/or its affiliates. All rights reserved.
NOTE: This service manifest is not editable; its contents will
be overwritten by package or patch operations, including
operating system upgrade. Make customizations in a different
file.
-->
<service_bundle type='manifest' name='network/firewall/pflog' >
<service
name='network/firewall/pflog'
type='service'
version='1'>
<method_context>
<method_credential
user='daemon'
group='daemon'
privileges='basic,!file_write,!file_link_any,!proc_info,!proc_session,!net_access,net_observability,sys_ip_config,{file_write}:/var/log/firewall/*'
/>
</method_context>
<exec_method
type='method'
name='start'
exec='/lib/svc/method/pflog start "%{pflog/logfile}" "%{pflog/snaplen}" "%{pflog/interface}" "%{pflog/delay}" "%{pflog/filter}"'
timeout_seconds='30'>
</exec_method>
<exec_method
type='method'
name='stop'
exec=':kill'
timeout_seconds='60'>
</exec_method>
<exec_method
type='method'
name='refresh'
exec=':kill -HUP'
timeout_seconds='5'>
</exec_method>
<instance name='default' enabled='false' complete='true'>
<property_group name="general" type="framework">
<propval
name='action_authorization'
type='astring'
value='solaris.smf.manage.network.firewall' />
<propval
name='value_authorization'
type='astring'
value='solaris.smf.manage.network.firewall' />
</property_group>
<property_group name='pflog' type='application'>
<propval
name='logfile'
type='astring'
value='/var/log/firewall/pflog/pflog0.pkt' />
<propval name='snaplen' type='integer' value='160' />
<propval
name='interface'
type='astring'
value='pflog0' />
<propval name='delay' type='integer' value='60' />
<propval name='filter' type='astring' value='' />
<propval
name='value_authorization'
type='astring'
value='solaris.smf.value.network.firewall' />
</property_group>
</instance>
<stability value='Unstable' />
<template>
<common_name>
<loctext xml:lang='C'>
pflog - PF log daemon
</loctext>
</common_name>
<documentation>
<manpage title='pflogd' section='1M' manpath='/usr/share/man' />
</documentation>
<pg_pattern name="pflog" type="application" target="instance" required="true">
<prop_pattern name="logfile" type="astring" required="true">
<cardinality min="1" max="1"/>
</prop_pattern>
<prop_pattern name="snaplen" type="integer" required="true">
<cardinality min="1" max="1"/>
<constraints>
<range min="0" max="2147483647"/>
</constraints>
</prop_pattern>
<prop_pattern name="interface" type="astring" required="true">
<cardinality min="1" max="1"/>
</prop_pattern>
<prop_pattern name="delay" type="integer" required="true">
<cardinality min="1" max="1"/>
<constraints>
<range min="5" max="3600"/>
</constraints>
</prop_pattern>
<prop_pattern name="filter" type="astring" required="true">
<cardinality min="0" max="1"/>
</prop_pattern>
<prop_pattern name="value_authorization" type="astring">
</prop_pattern>
</pg_pattern>
</template>
</service>
</service_bundle>