#!/bin/sh # # PROVIDE: tarssh # REQUIRE: DAEMON # KEYWORD: shutdown # # Supported options in /etc/rc.conf: # # tarssh_enable (bool): Enable tarssh server, set to "YES" to enable # default: "NO" # tarssh_log (str): The location for tarssh to log. # One of "SYSLOG", "NO", or an absolute file path # default: "SYSLOG" # tarssh_listen (str): Listen on given host:port pairs # default: "0.0.0.0:22 [::]:22" # tarssh_timeout (int): Network timeout in seconds # default: 30 # tarssh_delay (int): Time between tarpit messages in seconds # default: 10 # tarssh_max_clients (int): Maximum client count # default: 1024 # tarssh_daemon_user (str): User to switch to after launch # default: nobody # tarssh_daemon_chroot (str): Directory to chroot to after launch # default: "/var/empty" # . /etc/rc.subr name="tarssh" desc="SSH tarpit server" rcvar="tarssh_enable" load_rc_config "${name}" pidfile="/var/run/${name}.pid" procname="/usr/local/sbin/tarssh" command="/usr/sbin/daemon" start_cmd=start_cmd : "${tarssh_enable:=NO}" : "${tarssh_log:=SYSLOG}" : "${tarssh_listen:=0.0.0.0:22 [::]:22}" : "${tarssh_timeout:=30}" : "${tarssh_delay:=10}" : "${tarssh_max_clients:=1024}" : "${tarssh_daemon_user:=nobody}" : "${tarssh_daemon_chroot:=/var/empty}" start_cmd() { check_startmsgs && echo "Starting ${name}." case "${tarssh_log}" in [Ss][Yy][Ss][Ll][Oo][Gg]) # syslog /usr/sbin/daemon -p "${pidfile}" -c -s info -T "${name}" \ "${procname}" --disable-log-timestamps --disable-log-level --disable-log-ident -v \ -l ${tarssh_listen} -c "${tarssh_max_clients}" -d "${tarssh_delay}" \ -u "${tarssh_daemon_user}" --chroot "${tarssh_daemon_chroot}" ;; /*) # absolute path /usr/sbin/daemon -p "${pidfile}" -c -o "${tarssh_log}" \ "${procname}" -v --disable-log-level \ -l ${tarssh_listen} -c "${tarssh_max_clients}" -d "${tarssh_delay}" \ -u "${tarssh_daemon_user}" --chroot "${tarssh_daemon_chroot}" ;; [Nn][Oo]|[Ff][Aa][Ll][Ss][Ee]|[Oo][Ff][Ff]|0) # no logging /usr/sbin/daemon -p "${pidfile}" -c -f \ "${procname}" \ -l ${tarssh_listen} -c "${tarssh_max_clients}" -d "${tarssh_delay}" \ -u "${tarssh_daemon_user}" --chroot "${tarssh_daemon_chroot}" ;; *) warn "\$tarssh_log is not set properly (one of 'SYSLOG', an absolute path, or 'NO')" return 1 ;; esac } run_rc_command "$1"