#!/bin/sh

# PROVIDE: p0f2
# REQUIRE: LOGIN
# KEYWORD: shutdown
#
# Add the following lines to /etc/rc.conf.local or /etc/rc.conf
# to enable this service:
#
# p0f_enable (bool):	Set to NO by default.
#
# p0f_user:		User to drop privileges and change to
#
# p0f_int:		Network interface to listen on
#
# p0f_sock (path):	Path to socket used to communicate with p0f
#
# p0f_args:		Additonal options passed to the p0f daemon
#
# p0f_log (path):	File where p0f logs matches
#
# p0f_db (path):	Location of fingerprint db. 
#			Defaults to /usr/local/p0f/p0f.fp

. /etc/rc.subr

name="p0f"
rcvar=p0f_enable

load_rc_config ${name}

: ${p0f_enable:="NO"}
: ${p0f_user:="root"}
: ${p0f_sock:="/var/run/${name}.sock"}
: ${p0f_log:="/var/log/p0f.log"}
: ${p0f_db:="/usr/local/etc/p0f/p0f.fp"}

stop_cmd="${name}_stopcmd"
status_cmd="${name}_statuscmd"

pidfile=/var/run/${name}.pid
p0f_command="/usr/local/bin/${name} -i ${p0f_int} -u ${p0f_user} -Q ${p0f_sock} -o ${p0f_log} -f ${p0f_db} ${p0f_args}"
command="/usr/sbin/daemon"
command_args="-f -p ${pidfile} ${p0f_command}"

p0f_statuscmd()
{
	if [ ! -e $pidfile ];
	then
		echo "pidfile does not exist. $name is not running?";
		exit 1;
	fi

	if pgrep -F $pidfile >/dev/null;
	then
		echo "$name is running.";
	else
		echo "$name is not running.";
		exit 1;
	fi
}

p0f_stopcmd()
{
	if pgrep -F $pidfile >/dev/null; 
	then
		p0fpid=`cat $pidfile`;
		kill $sig_stop ${p0fpid};
		wait_for_pids ${p0fpid};
	else
		echo "$name is not running.";
		exit 1;
	fi
}

run_rc_command "$1"
