From 44598fd7dd6be8207bae512b8b6e13f08e265d2a Mon Sep 17 00:00:00 2001 From: Michael Rash Date: Thu, 20 Oct 2011 23:31:59 -0400 Subject: [PATCH] Added --digest-file and --pid-file args Added --digest-file and --pid-file args so that the user can easily alter these paths from the command line. --- doc/fwknopd.man.asciidoc | 12 +++++++++++- server/cmd_opts.h | 6 ++++-- server/config_init.c | 20 ++++++++++++++++---- server/fwknopd.c | 7 +------ 4 files changed, 32 insertions(+), 13 deletions(-) diff --git a/doc/fwknopd.man.asciidoc b/doc/fwknopd.man.asciidoc index 161875d6..b89503e1 100644 --- a/doc/fwknopd.man.asciidoc +++ b/doc/fwknopd.man.asciidoc @@ -37,7 +37,7 @@ COMMAND-LINE OPTIONS *-a, --access-file*='':: Specify the location of the 'access.conf' file. If this option is not given, 'fwknopd' will use the compile-time default location (typically - '@sysconfdir@/fwknop/access.conf'. + '@sysconfdir@/fwknop/access.conf'). *-c, --config*='':: Specify the location of the 'fwknopd.conf' file. If this option is @@ -48,6 +48,11 @@ COMMAND-LINE OPTIONS Specify the number of candidate SPA packets to process and exit when this limit is reached. +*-d, --digest-file*='':: + Specify the location of the 'digest.cache' file. If this option is + not given, 'fwknopd' will use the compile-time default location (typically + '@localstatedir@/run/fwknop/digest.cache). + *-D, --Dump-config*:: Dump the configuration values that *fwknopd* derives from the 'fwknopd.conf' (or override files) and 'access.conf' on stderr. @@ -87,6 +92,11 @@ COMMAND-LINE OPTIONS 'fwknopd.conf' file with values from the specified file. Multiple override config files can be given as a comma-separated list. +*-p, --pid-file*='':: + Specify the location of the 'fwknopd.pid' file. If this option is + not given, 'fwknopd' will use the compile-time default location (typically + '@localstatedir@/run/fwknop/fwknopd.pid). + *-P, --pcap-filter*='':: Specify a Berkeley packet filter statement on the *fwknopd* command line. This overrides the value of the PCAP_FILTER variable taken diff --git a/server/cmd_opts.h b/server/cmd_opts.h index 3fe62a0a..59b2879c 100644 --- a/server/cmd_opts.h +++ b/server/cmd_opts.h @@ -116,7 +116,7 @@ enum { /* Our getopt_long options string. */ -#define GETOPTS_OPTION_STRING "a:c:C:Dfhi:Kl:O:P:RSvV" +#define GETOPTS_OPTION_STRING "a:c:C:d:Dfhi:Kl:O:p:P:RSvV" /* Our program command-line options... */ @@ -125,19 +125,21 @@ static struct option cmd_opts[] = {"access-file", 1, NULL, 'a'}, {"config-file", 1, NULL, 'c'}, {"packet-limit", 1, NULL, 'C'}, + {"digest-file", 1, NULL, 'd'}, {"dump-config", 0, NULL, 'D'}, {"foreground", 0, NULL, 'f'}, {"help", 0, NULL, 'h'}, {"interface", 1, NULL, 'i'}, {"kill", 0, NULL, 'K'}, + {"fw-flush", 0, NULL, FW_FLUSH }, {"fw-list", 0, NULL, FW_LIST }, {"fw-list-all", 0, NULL, FW_LIST_ALL }, - {"fw-flush", 0, NULL, FW_FLUSH }, {"gpg-home-dir", 1, NULL, GPG_HOME_DIR }, {"locale", 1, NULL, 'l' }, {"rotate-digest-cache", 0, NULL, ROTATE_DIGEST_CACHE }, {"override-config", 1, NULL, 'O' }, {"pcap-filter", 1, NULL, 'P'}, + {"pid-file", 1, NULL, 'p'}, {"restart", 0, NULL, 'R'}, {"status", 0, NULL, 'S'}, {"verbose", 0, NULL, 'v'}, diff --git a/server/config_init.c b/server/config_init.c index d3bc305b..c0a7e9f0 100644 --- a/server/config_init.c +++ b/server/config_init.c @@ -644,6 +644,13 @@ config_init(fko_srv_options_t *opts, int argc, char **argv) case 'C': opts->packet_ctr_limit = atoi(optarg); break; + case 'd': +#if USE_FILE_CACHE + set_config_entry(opts, CONF_DIGEST_FILE, optarg); +#else + set_config_entry(opts, CONF_DIGEST_DB_FILE, optarg); +#endif + break; case 'D': opts->dump_config = 1; break; @@ -679,15 +686,18 @@ config_init(fko_srv_options_t *opts, int argc, char **argv) case 'K': opts->kill = 1; break; - case 'l': - set_config_entry(opts, CONF_LOCALE, optarg); - break; + case 'l': + set_config_entry(opts, CONF_LOCALE, optarg); + break; case 'O': /* This was handled earlier */ break; + case 'p': + set_config_entry(opts, CONF_FWKNOP_PID_FILE, optarg); + break; case 'P': set_config_entry(opts, CONF_PCAP_FILTER, optarg); - break; + break; case ROTATE_DIGEST_CACHE: opts->rotate_digest_cache = 1; break; @@ -750,6 +760,7 @@ usage(void) " -c, --config-file - Specify an alternate configuration file.\n" " -C, --packet-limit - Limit the number of candidate SPA packets to\n" " process and exit when this limit is reached.\n" + " -d, --digest-file - Specify an alternate digest.cache file.\n" " -D, --dump-config - Dump the current fwknop configuration values.\n" " -f, --foreground - Run fwknopd in the foreground (do not become\n" " a background daemon).\n" @@ -761,6 +772,7 @@ usage(void) " default.\n" " -O, --override-config - Specify a file with configuration entries that will\n" " overide those in fwknopd.conf\n" + " -p, --pid-file - Specify an alternate fwknopd.pid file.\n" " -P, --pcap-filter - Specify a Berkeley packet filter statement to\n" " override the PCAP_FILTER variable in fwknopd.conf.\n" " -R, --restart - Force the currently running fwknopd to restart.\n" diff --git a/server/fwknopd.c b/server/fwknopd.c index 340a9dbb..6fcd9562 100644 --- a/server/fwknopd.c +++ b/server/fwknopd.c @@ -167,11 +167,6 @@ main(int argc, char **argv) * in case it configured to be somewhere other than the run dir. */ check_dir_path((const char *)opts.config[CONF_FWKNOP_RUN_DIR], "Run", 0); -#if USE_FILE_CACHE - check_dir_path((const char *)opts.config[CONF_DIGEST_FILE], "Run", 1); -#else - check_dir_path((const char *)opts.config[CONF_DIGEST_DB_FILE], "Run", 1); -#endif /* Initialize the firewall rules handler based on the fwknopd.conf * file, but (for iptables firewalls) don't flush any rules or create @@ -402,7 +397,7 @@ check_dir_path(const char *filepath, const char *fp_desc, unsigned char use_base if(*filepath != PATH_SEP) { log_msg(LOG_ERR, - "Configured %s directory (%s) is not an absolute path.", fp_desc, filepath + "Path '%s' is not absolute.", filepath ); exit(EXIT_FAILURE); }