I'm working on getting p0f integrated with amavisd-new. Everything is
great, with the exception that I can't get the necessary commands to
execute on boot.
I started with rc.local and that didn't work. So I made this simple script
in /usr/local/etc/rc.d/p0f:
---
#!/bin/sh
# PROVIDE: p0f
# REQUIRE: LOGIN
# BEFORE: securelevel
# KEYWORD: shutdown
. "/etc/rc.subr"
name="p0f"
rcvar=`set_rcvar`
command="/usr/local/bin/p0f"
command_args="-l 'tcp dst port 25' 2>&1 | /usr/local/bin/p0f-analyzer.pl 2345 &"
pidfile="/var/run/$name.pid"
# read configuration and set defaults
load_rc_config "$name"
: ${p0f_enable="NO"}
run_rc_command "$1"
---
It does not execute on boot (yes, it's executable). It executes just fine
by hand.
I'm assuming it has something to do with redirecting stdout and stderr to
another script which is then shoved into the background?
How do I work around this?
(BTW, FreeBSD 8.0-STABLE #2: Wed May 12 13:28:18 EDT 2010)
Thanks,
Andy
---
Andy Dills
Xecunet, Inc.
www.xecu.net
301-682-9972
---
Hi--

On May 12, 2010, at 4:46 PM, Andy Dills wrote:
> I'm working on getting p0f integrated with amavisd-new. Everything is
> great, with the exception that I can't get the necessary commands to
> execute on boot.

The amavis-p0fanalyzer script should have been installed if you used the port:

% cat /usr/local/etc/rc.d/amavis-p0fanalyzer
#!/bin/sh
# $FreeBSD: ports/security/amavisd-new/files/amavis-p0fanalyzer.sh.in,v 1.6 2007/03/30 21:52:10 gabor Exp $
# PROVIDE: amavis_p0fanalyzer
# REQUIRE: DAEMON
# BEFORE: amavisd
amavis_p0fanalyzer_enable="${amavis_p0fanalyzer_enable-NO}"
amavis_p0fanalyzer_p0f_filter="${amavis_p0fanalyzer_p0f_filter-"tcp dst port 25"}"
amavis_p0fanalyzer_pidfile1="${amavis_p0fanalyzer_pidfile1-/var/run/p0fanalyzer1.pid}"
amavis_p0fanalyzer_pidfile2="${amavis_p0fanalyzer_pidfile2-/var/run/p0fanalyzer2.pid}"
amavis_p0f_daemon_flags="${amavis_p0f_daemon_flags--l}"
amavis_p0fanalyzer_flags="${amavis_p0fanalyzer_flags-2345}"
. /etc/rc.subr
name="amavis_p0fanalyzer"
rcvar=`set_rcvar`
start_cmd=p0fanalyzer_start
stop_cmd=p0fanalyzer_stop
p0fanalyzer_start() {
    echo "Starting p0f-analyzer." && \
    /usr/sbin/daemon -p ${amavis_p0fanalyzer_pidfile1} \
    /usr/local/bin/p0f ${amavis_p0f_daemon_flags} \
    "${amavis_p0fanalyzer_p0f_filter}" 2>&1 | \
    /usr/sbin/daemon -p ${amavis_p0fanalyzer_pidfile2} \
    /usr/local/sbin/p0f-analyzer.pl ${amavis_p0fanalyzer_flags}
}
p0fanalyzer_stop() {
    /bin/kill `cat ${amavis_p0fanalyzer_pidfile2}` && rm ${amavis_p0fanalyzer_pidfile2}
    /bin/kill `cat ${amavis_p0fanalyzer_pidfile1}` && rm ${amavis_p0fanalyzer_pidfile1}
}
load_rc_config $name
run_rc_command "$1"

Regards,
--
-Chuck
On 13.05.2010 06:46, Andy Dills wrote:
>
> I'm working on getting p0f integrated with amavisd-new. Everything is
> great, with the exception that I can't get the necessary commands to
> execute on boot.
>
> I started with rc.local and that didn't work. So I made this simple script
> in /usr/local/etc/rc.d/p0f:
>
> ---
>
> #!/bin/sh
>
> # PROVIDE: p0f
> # REQUIRE: LOGIN
> # BEFORE: securelevel
> # KEYWORD: shutdown
>
>
> . "/etc/rc.subr"
>
> name="p0f"
> rcvar=`set_rcvar`
>
> command="/usr/local/bin/p0f"
> command_args="-l 'tcp dst port 25' 2>&1 | /usr/local/bin/p0f-analyzer.pl 2345 &"
> pidfile="/var/run/$name.pid"

Perhaps your "BEFORE: securelevel" may be a culprit; it's too early to run something from /usr/local/bin. Try removing this line.