Created
September 18, 2012 05:34
-
-
Save jcrugzz/3741446 to your computer and use it in GitHub Desktop.
smartos logs ipfilter
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
+ SMF_EXIT_MON_OFFLINE=98 | |
+ SMF_EXIT_ERR_NOSMF=99 | |
+ SMF_EXIT_ERR_PERM=100 | |
+ . /lib/svc/share/ipf_include.sh | |
+ IPFILTER_FMRI=svc:/network/ipfilter:default | |
+ ETC_IPF_DIR=/etc/ipf | |
+ /usr/bin/svcprop -p config/ipf6_config_file svc:/network/ipfilter:default | |
+ 2> /dev/null | |
+ IP6FILCONF=/etc/ipf/ipf6.conf | |
+ [ 0 -eq 1 ] | |
+ /usr/bin/svcprop -p config/ipnat_config_file svc:/network/ipfilter:default | |
+ 2> /dev/null | |
+ IPNATCONF=/etc/ipf/ipnat.conf | |
+ [ 0 -eq 1 ] | |
+ /usr/bin/svcprop -p config/ippool_config_file svc:/network/ipfilter:default | |
+ 2> /dev/null | |
+ IPPOOLCONF=/etc/ipf/ippool.conf | |
+ [ 0 -eq 1 ] | |
+ VAR_IPF_DIR=/var/run/ipf | |
+ IPFILCONF=/var/run/ipf/ipf.conf | |
+ IPFILOVRCONF=/var/run/ipf/ipf_ovr.conf | |
+ IPF_LOCK=/var/run/ipflock | |
+ CONF_FILES='' | |
+ NAT_FILES='' | |
+ IPF_SUFFIX=.ipf | |
+ NAT_SUFFIX=.nat | |
+ CURRENT_VERSION=1 | |
+ IPF_FMRI=svc:/network/ipfilter:default | |
+ INETDFMRI=svc:/network/inetd:default | |
+ RPCBINDFMRI=svc:/network/rpc/bind:default | |
+ SMF_ONLINE=online | |
+ SMF_MAINT=maintenance | |
+ SMF_NONE=none | |
+ FW_CONTEXT_PG=firewall_context | |
+ METHOD_PROP=ipf_method | |
+ FW_CONFIG_PG=firewall_config | |
+ POLICY_PROP=policy | |
+ APPLY2_PROP=apply_to | |
+ EXCEPTIONS_PROP=exceptions | |
+ FW_CONFIG_DEF_PG=firewall_config_default | |
+ FW_CONFIG_OVR_PG=firewall_config_override | |
+ CUSTOM_FILE_PROP=custom_policy_file | |
+ OPEN_PORTS_PROP=open_ports | |
+ PREFIX_HOST=host: | |
+ PREFIX_NET=network: | |
+ PREFIX_POOL=pool: | |
+ PREFIX_IF=if: | |
+ GLOBAL_CONFIG='' | |
+ GLOBAL_POLICY='' | |
+ SERVINFO=/usr/lib/servinfo | |
+ server_port_list='' | |
+ global_init | |
+ awk '{$2=" "; print $0}' | |
+ svcprop -p firewall_config_override -p firewall_config_default svc:/network/ipfilter:default | |
+ 2> /dev/null | |
+ GLOBAL_CONFIG=$'firewall_config_default/apply_to ""\nfirewall_config_default/exceptions ""\nfirewall_config_default/open_ports ""\nfirewall_config_default/value_authorization solaris.smf.value.firewall.config\nfirewall_config_default/version 1\nfirewall_config_default/policy custom\nfirewall_config_default/custom_policy_file /etc/ipf/ipf.conf\nfirewall_config_override/apply_to ""\nfirewall_config_override/policy none\nfirewall_config_override/value_authorization solaris.smf.value.firewall.config' | |
+ global_get_prop_value firewall_config_default policy | |
+ target_pg=firewall_config_default | |
+ prop=policy | |
+ [ firewall_config_default != firewall_config_override -a firewall_config_default != firewall_config_default ] | |
+ [ firewall_config_default == firewall_config_default ] | |
+ extra_pg=firewall_config_override | |
+ awk $'{\n\t\tfound=0\n\t\tfor (i=1; i<=NF; i++) {\n\t\t\tif (found == 1) {\n\t\t\t\tif (index($i, target_pg) == 1 || index($i, extra_pg) == 1)\n\t\t\t\t\tbreak;\n\n\t\t\t\tprint $i;\n\t\t\t}\n\n\t\t\tif (split($i, values, "/") < 2)\n\t\t\t\tcontinue;\n\n\t\t\tif (values[1] == target_pg && values[2] == prop)\n\t\t\t\tfound=1;\n\t\t}\n\t}' target_pg=firewall_config_default prop=policy extra_pg=firewall_config_override | |
+ echo firewall_config_default/apply_to '""' firewall_config_default/exceptions '""' firewall_config_default/open_ports '""' firewall_config_default/value_authorization solaris.smf.value.firewall.config firewall_config_default/version 1 firewall_config_default/policy custom firewall_config_default/custom_policy_file /etc/ipf/ipf.conf firewall_config_override/apply_to '""' firewall_config_override/policy none firewall_config_override/value_authorization solaris.smf.value.firewall.config | |
+ value=custom | |
+ echo custom | |
+ GLOBAL_POLICY=custom | |
+ PATH=/usr/sbin:/usr/bin:/usr/sbin:/usr/lib/ipf | |
+ PIDFILE=/var/run/ipmon.pid | |
+ PFILCHECKED=no | |
+ smf_zonename | |
+ echo dbe54ca7-f0a3-45a7-ad66-e925198c5f5f | |
+ zone=dbe54ca7-f0a3-45a7-ad66-e925198c5f5f | |
+ awk '/ipf/ { print $1 } ' - | |
+ 2> /dev/null | |
+ /usr/sbin/modinfo | |
+ 2>& 1 | |
+ ipfid=210 | |
+ [ -f /var/run/ipmon.pid ] | |
+ pgrep -z dbe54ca7-f0a3-45a7-ad66-e925198c5f5f ipmon | |
+ pid='' | |
+ config_get_version | |
+ svcprop -p firewall_config_default/version svc:/network/ipfilter:default | |
+ 2> /dev/null | |
+ ver=1 | |
+ [ 0 -ne 0 -o -z 1 ] | |
+ echo 1 | |
+ ver=1 | |
+ [ 0 -eq 1 ] | |
+ [ 1 -ne 1 ] | |
+ configure_firewall | |
+ create_global_rules | |
+ [ custom = custom ] | |
+ global_get_prop_value firewall_config_default custom_policy_file | |
+ target_pg=firewall_config_default | |
+ prop=custom_policy_file | |
+ [ firewall_config_default != firewall_config_override -a firewall_config_default != firewall_config_default ] | |
+ [ firewall_config_default == firewall_config_default ] | |
+ extra_pg=firewall_config_override | |
+ awk $'{\n\t\tfound=0\n\t\tfor (i=1; i<=NF; i++) {\n\t\t\tif (found == 1) {\n\t\t\t\tif (index($i, target_pg) == 1 || index($i, extra_pg) == 1)\n\t\t\t\t\tbreak;\n\n\t\t\t\tprint $i;\n\t\t\t}\n\n\t\t\tif (split($i, values, "/") < 2)\n\t\t\t\tcontinue;\n\n\t\t\tif (values[1] == target_pg && values[2] == prop)\n\t\t\t\tfound=1;\n\t\t}\n\t}' target_pg=firewall_config_default prop=custom_policy_file extra_pg=firewall_config_override | |
+ echo firewall_config_default/apply_to '""' firewall_config_default/exceptions '""' firewall_config_default/open_ports '""' firewall_config_default/value_authorization solaris.smf.value.firewall.config firewall_config_default/version 1 firewall_config_default/policy custom firewall_config_default/custom_policy_file /etc/ipf/ipf.conf firewall_config_override/apply_to '""' firewall_config_override/policy none firewall_config_override/value_authorization solaris.smf.value.firewall.config | |
+ value=/etc/ipf/ipf.conf | |
+ echo /etc/ipf/ipf.conf | |
+ file=/etc/ipf/ipf.conf | |
+ [ -n /etc/ipf/ipf.conf ] | |
+ custom_set_symlink /etc/ipf/ipf.conf | |
+ [ ! -f /etc/ipf/ipf.conf ] | |
+ check_ipf_dir | |
+ [ -d /var/run/ipf ] | |
+ return 0 | |
+ rm /var/run/ipf/ipf.conf | |
+ 1> /dev/null 2>& 1 | |
+ ln -s /etc/ipf/ipf.conf /var/run/ipf/ipf.conf | |
+ 1> /dev/null 2>& 1 | |
+ return 0 | |
+ create_global_ovr_rules | |
+ [ custom = custom ] | |
+ echo $'# \'custom\' global policy' | |
+ 1> /var/run/ipf/ipf_ovr.conf | |
+ return 0 | |
+ create_services_rules | |
+ [ custom = custom ] | |
+ return 0 | |
+ [ ! -f /var/run/ipf/ipf.conf -a ! -f /etc/ipf/ipnat.conf ] | |
+ ipf -E | |
+ load_ippool | |
+ [ -r /etc/ipf/ippool.conf ] | |
+ return 0 | |
+ load_ipf | |
+ bad=0 | |
+ ipf -IFa | |
+ [ -r /var/run/ipf/ipf_ovr.conf ] | |
+ ipf -I -f /var/run/ipf/ipf_ovr.conf | |
+ [ 0 != 0 ] | |
+ [ -r /var/run/ipf/ipf.conf ] | |
+ ipf -I -f /var/run/ipf/ipf.conf | |
syntax error error at ".", line 8 | |
+ [ 1 != 0 ] | |
+ echo '/lib/svc/method/ipfilter: load of /var/run/ipf/ipf.conf into alternate' 'set failed' | |
/lib/svc/method/ipfilter: load of /var/run/ipf/ipf.conf into alternate set failed | |
+ bad=1 | |
+ [ -r /etc/ipf/ipf6.conf ] | |
+ [ 1 -eq 0 ] | |
+ echo 'Not switching config due to load error.' | |
Not switching config due to load error. | |
+ return 1 | |
+ exit 96 | |
[ Sep 18 05:02:37 Method "start" exited with status 96. ] |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment