Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Widentd without a syslog message every single time

    Scheduled Pinned Locked Moved pfSense Packages
    1 Posts 1 Posters 916 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      timthetortoise
      last edited by

      I've started using the widentd package and started getting really fed up with messages flooding my system.log file every time a request was processed, so I made a replacement that will not spam syslog (since I couldn't locate the source). This will work for requests in the PORT, PORT format and accepts -i, -o, and -u flags. There is minimal error checking, so be careful. Hope someone finds this useful.

      http://sharesend.com/a04jlkx4 - 386 version
      http://sharesend.com/ufphtha7 - amd64 version

      To use instead of default, grab the file, pop it on to pfSense.

      
killall widentd
mv /usr/local/sbin/widentd /usr/local/sbin/widentd.orig
chmod +x widentd-xxx
mv widentd-xxx /usr/local/sbin/widentd
/usr/local/etc/rc.d/widentd.sh start

      Source (written in Go, definitely could be done better but this was just a quick hack put together in an hour - mostly to learn more Go):

      
package main

import (
	"net"
	"fmt"
	"os"
	"strings"
	"errors"
	"flag"
	"io"
)

func create_ident_response(request string, user string, system string) (string,error) {
	var response string
	request = strings.Replace(request, " ", "", -1)
	request = strings.Replace(request, "\r\n", "", 1)

	if strings.Index(request, ",") == -1 {
		return "",errors.New("ident request is in invalid format")
	}

	sections := strings.Split(request, ",")

	response = sections[0] + ", " + sections[1] + " : USERID : " + system + " : " + user + "\r\n"

	return response,nil
}

func ident_srv(lis net.Listener, user string, system string) {
	for {
		var (
			buffer string
			read = true;
			data = make([]byte, 1024)
		)

		con, err := lis.Accept();

		if err != nil {
			fmt.Println(err);
			continue;
		}

		for read {
			n, err := con.Read(data);

			switch err {
			case io.EOF:
				read = false;
			case nil:
				buffer = string(data[0:n])
				response,err := create_ident_response(buffer, user, system)

				if err == nil {
					con.Write([]byte(response))
				}
			default:
				read = false;
			}
		}

		con.Close();
	}
}

func main() {
	var (
		host = flag.String("i", "", "The listening address")
		user = flag.String("u", "", "The userid to return")
		system = flag.String("o", "", "The system name to return")
		port = "113"
		rem = *host + ":" + port
	)

	flag.Parse()

	if *host == "" { flag.PrintDefaults(); os.Exit(3) }
	if *user == "" { flag.PrintDefaults(); os.Exit(3) }
	if *system == "" { flag.PrintDefaults(); os.Exit(3) }

	lis, err := net.Listen("tcp", rem)
	defer lis.Close()

	if err != nil {
		fmt.Println(err)
		os.Exit(1)
	}

	ident_srv(lis, *user, *system)
}
      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.