Widentd without a syslog message every single time


  • I've started using the widentd package and started getting really fed up with messages flooding my system.log file every time a request was processed, so I made a replacement that will not spam syslog (since I couldn't locate the source). This will work for requests in the PORT, PORT format and accepts -i, -o, and -u flags. There is minimal error checking, so be careful. Hope someone finds this useful.

    http://sharesend.com/a04jlkx4 - 386 version
    http://sharesend.com/ufphtha7 - amd64 version

    To use it instead of the default binary, grab the file for your architecture (or build it yourself from the source below) and copy it onto pfSense.

    
    # Stop any running widentd process before swapping the binary.
    killall widentd
    # Keep the stock binary as widentd.orig so the change can be reverted.
    mv /usr/local/sbin/widentd /usr/local/sbin/widentd.orig
    # widentd-xxx stands for the replacement binary (presumably the 386 or amd64 file); make it executable.
    chmod +x widentd-xxx
    # Install the replacement under the path the rc script starts.
    mv widentd-xxx /usr/local/sbin/widentd
    # Start the service again through its rc script.
    /usr/local/etc/rc.d/widentd.sh start
    
    

    Source (written in Go, definitely could be done better but this was just a quick hack put together in an hour - mostly to learn more Go):

    
    package main
    
    import (
    	"errors"
    	"flag"
    	"fmt"
    	"io"
    	"net"
    	"os"
    	"strings"
    	"time"
    )
    
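    // valid_ident_port reports whether s is a plain decimal TCP port number
    // in the range 1..65535 (digits only, no sign, no whitespace).
    func valid_ident_port(s string) bool {
    	if len(s) == 0 || len(s) > 5 {
    		return false
    	}
    	n := 0
    	for i := 0; i < len(s); i++ {
    		c := s[i]
    		if c < '0' || c > '9' {
    			return false
    		}
    		n = n*10 + int(c-'0')
    	}
    	return n >= 1 && n <= 65535
    }

    // create_ident_response builds the USERID reply for one ident request.
    //
    // request is the raw text received from the client and is expected to be
    // "PORT, PORT" followed by a line terminator. user and system are the
    // operator-configured values placed in the reply.
    //
    // The request comes from the network and its two fields are copied into
    // the reply, so both must be numeric ports. Anything else (extra fields,
    // embedded line breaks, non-digits) is rejected instead of being echoed
    // back to the peer. Surrounding spaces and CR/LF are trimmed per field, so
    // a request terminated by a bare "\n" no longer leaks the newline into the
    // middle of the reply.
    //
    // It returns the reply terminated by "\r\n", or an error when the request
    // is not two valid port numbers separated by a comma.
    func create_ident_response(request string, user string, system string) (string, error) {
    	sections := strings.Split(request, ",")
    	if len(sections) != 2 {
    		return "", errors.New("ident request is in invalid format")
    	}

    	first := strings.TrimSpace(sections[0])
    	second := strings.TrimSpace(sections[1])
    	if !valid_ident_port(first) || !valid_ident_port(second) {
    		return "", errors.New("ident request is in invalid format")
    	}

    	return first + ", " + second + " : USERID : " + system + " : " + user + "\r\n", nil
    }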
    
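    // ident_idle_timeout is how long a connected client may stay silent before
    // the server drops the connection.
    const ident_idle_timeout = 60 * time.Second

    // handle_ident_conn answers ident requests on a single connection until the
    // client closes it, an I/O error occurs, or the idle timeout expires.
    //
    // Each successful Read is treated as one complete request, as in the
    // original loop; a request split across several reads is rejected by
    // create_ident_response and gets no reply.
    func handle_ident_conn(con net.Conn, user string, system string) {
    	defer con.Close()

    	data := make([]byte, 1024)
    	for {
    		// Re-arm the deadline before every read so a silent peer cannot
    		// hold the connection (and its file descriptor) open forever.
    		if err := con.SetDeadline(time.Now().Add(ident_idle_timeout)); err != nil {
    			return
    		}

    		n, err := con.Read(data)
    		switch err {
    		case nil:
    			response, rerr := create_ident_response(string(data[0:n]), user, system)
    			if rerr != nil {
    				// Malformed request: stay quiet and wait for the next one.
    				continue
    			}
    			if _, werr := con.Write([]byte(response)); werr != nil {
    				return
    			}
    		case io.EOF:
    			// Client closed its side.
    			return
    		default:
    			// Timeout, reset, or any other read failure.
    			return
    		}
    	}
    }

    // ident_srv accepts connections on lis forever and answers ident requests
    // with the given user and system strings.
    //
    // Every connection is served in its own goroutine with an idle timeout.
    // Handling connections inline in the accept loop let one client that
    // connected and sent nothing block every other client indefinitely.
    func ident_srv(lis net.Listener, user string, system string) {
    	for {
    		con, err := lis.Accept()
    		if err != nil {
    			fmt.Println(err)
    			// Back off briefly so a persistent accept failure (for example
    			// descriptor exhaustion) does not turn into a busy loop.
    			time.Sleep(100 * time.Millisecond)
    			continue
    		}

    		go handle_ident_conn(con, user, system)
    	}
    }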
    
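    // main parses the -i (listening address), -u (userid) and -o (system name)
    // flags, binds TCP port 113 on the requested address and serves ident
    // requests until the process is killed.
    //
    // Exit status is 3 when a required flag is missing and 1 when the listener
    // cannot be created.
    func main() {
    	var (
    		host   = flag.String("i", "", "The listening address")
    		user   = flag.String("u", "", "The userid to return")
    		system = flag.String("o", "", "The system name to return")
    		port   = "113"
    	)

    	flag.Parse()

    	if *host == "" || *user == "" || *system == "" {
    		flag.PrintDefaults()
    		os.Exit(3)
    	}

    	// The address must be built after flag.Parse. Building it in the var
    	// block read *host while it was still empty, so the daemon always bound
    	// ":113" on every interface regardless of -i. JoinHostPort also
    	// brackets a bare IPv6 literal.
    	rem := net.JoinHostPort(*host, port)

    	lis, err := net.Listen("tcp", rem)
    	if err != nil {
    		fmt.Println(err)
    		os.Exit(1)
    	}
    	// Deferred only once lis is known to be non-nil.
    	defer lis.Close()

    	ident_srv(lis, *user, *system)
    }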