    Widentd without a syslog message every single time

      timthetortoise last edited by

      I've started using the widentd package and started getting really fed up with messages flooding my system.log file every time a request was processed, so I made a replacement that will not spam syslog (since I couldn't locate the source). This will work for requests in the PORT, PORT format and accepts -i, -o, and -u flags. There is minimal error checking, so be careful. Hope someone finds this useful.

      http://sharesend.com/a04jlkx4 - 386 version
      http://sharesend.com/ufphtha7 - amd64 version

      To use instead of default, grab the file, pop it on to pfSense.

      
      killall widentd
      mv /usr/local/sbin/widentd /usr/local/sbin/widentd.orig
      chmod +x widentd-xxx
      mv widentd-xxx /usr/local/sbin/widentd
      /usr/local/etc/rc.d/widentd.sh start
      
      

      Source (written in Go, definitely could be done better but this was just a quick hack put together in an hour - mostly to learn more Go):

      
      package main
      
      import (
      	"errors"
      	"flag"
      	"fmt"
      	"io"
      	"net"
      	"os"
      	"strings"
      )
      
      // create_ident_response turns a "PORT, PORT" request into a USERID reply.
      // The two fields are echoed back as received; they are not validated as ports.
      func create_ident_response(request string, user string, system string) (string, error) {
      	var response string
      	request = strings.Replace(request, " ", "", -1)
      	request = strings.Replace(request, "\r\n", "", 1)
      
      	if strings.Index(request, ",") == -1 {
      		return "", errors.New("ident request is in invalid format")
      	}
      
      	sections := strings.Split(request, ",")
      
      	response = sections[0] + ", " + sections[1] + " : USERID : " + system + " : " + user + "\r\n"
      
      	return response, nil
      }
      
      // ident_srv accepts connections one at a time and answers each request read
      // from a connection until the peer closes it or a read fails.
      func ident_srv(lis net.Listener, user string, system string) {
      	for {
      		var (
      			buffer string
      			read   = true
      			data   = make([]byte, 1024)
      		)
      
      		con, err := lis.Accept()
      
      		if err != nil {
      			fmt.Println(err)
      			continue
      		}
      
      		for read {
      			n, err := con.Read(data)
      
      			switch err {
      			case io.EOF:
      				read = false
      			case nil:
      				buffer = string(data[0:n])
      				response, err := create_ident_response(buffer, user, system)
      
      				if err == nil {
      					con.Write([]byte(response))
      				}
      			default:
      				read = false
      			}
      		}
      
      		con.Close()
      	}
      }
      
      func main() {
      	var (
      		host   = flag.String("i", "", "The listening address")
      		user   = flag.String("u", "", "The userid to return")
      		system = flag.String("o", "", "The system name to return")
      		port   = "113"
      	)
      
      	flag.Parse()
      
      	if *host == "" { flag.PrintDefaults(); os.Exit(3) }
      	if *user == "" { flag.PrintDefaults(); os.Exit(3) }
      	if *system == "" { flag.PrintDefaults(); os.Exit(3) }
      
      	// Build the listen address only after flag.Parse(); before that *host is
      	// still empty and the daemon would bind to every interface.
      	rem := *host + ":" + port
      
      	lis, err := net.Listen("tcp", rem)
      
      	if err != nil {
      		fmt.Println(err)
      		os.Exit(1)
      	}
      
      	// Defer the close only once Listen has succeeded and lis is non-nil.
      	defer lis.Close()
      
      	ident_srv(lis, *user, *system)
      }
      
      
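An added example, not part of the original post and not the author's code: a stricter variant of the request handling that parses both fields as decimal ports in 1..65535 and builds the reply from the parsed integers, so no raw request bytes are echoed back, and that bounds the read and sets a deadline so an idle client cannot hold the daemon. The names `parsePort`, `identReply` and `handle`, the 64-byte limit and the 10-second deadline are assumptions.

```go
package main

import (
	"bufio"
	"errors"
	"fmt"
	"io"
	"net"
	"strconv"
	"strings"
	"time"
)

// parsePort accepts only an unsigned decimal TCP port in 1..65535.
func parsePort(s string) (uint64, bool) {
	n, err := strconv.ParseUint(strings.TrimSpace(s), 10, 16)
	return n, err == nil && n != 0
}

// identReply rebuilds the reply from parsed integers, never from raw request bytes.
func identReply(line, system, user string) (string, error) {
	a, b, _ := strings.Cut(line, ",")
	srv, ok1 := parsePort(a)
	cli, ok2 := parsePort(b)
	if !ok1 || !ok2 {
		return "", errors.New("ident request is not PORT, PORT")
	}
	return fmt.Sprintf("%d, %d : USERID : %s : %s\r\n", srv, cli, system, user), nil
}

// handle reads one line of at most 64 bytes under a 10s deadline (both limits assumed).
func handle(con net.Conn, system, user string) {
	defer con.Close()
	con.SetDeadline(time.Now().Add(10 * time.Second))
	line, err := bufio.NewReader(io.LimitReader(con, 64)).ReadString('\n')
	if err != nil {
		return
	}
	if reply, err := identReply(line, system, user); err == nil {
		io.WriteString(con, reply)
	}
}

func main() {
	c, s := net.Pipe() // constructed in-memory demo; no socket is opened
	go handle(s, "UNIX", "demo")
	io.WriteString(c, "6191, 23\r\n")
	out, _ := bufio.NewReader(c).ReadString('\n')
	fmt.Printf("%q\n", out)
}
```

In a listener loop, calling `go handle(con, system, user)` per accepted connection keeps one slow peer from delaying the others.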