[ On Wednesday, February 27, 2002 at 14:37:19 (-0500), Andrew Brown wrote: ]
> Subject: Re: ipmon does not start as daemon
>
> >1. Previously to the addition of '-D', the '&' operator was used
> >   explicilty to put "ipmon" into the background and to simulate making
> >   it into a daemon.  The '&' did not have to be specified in
> >   /etc/rc.conf (or defaulted in /etc/defaults/rc.conf)
> 
> okay, but it's better now, with the -D in the defaults.

No, it's obviously very clearly NOT better with '-D' in ipmon_flags!

This is not the first time someone has "lost" the '-D' when configuring
their system.

It's a _REQUIRED_ option for this usage of the program -- it should be
given explicitly in the rc script just as other scripts give all
required options to the daemons they invoke without leaving their
specification up to the administrator who may not even know the full
requirements of the environment created by /etc/rc.

> actually, i'd have to ask around, but it strikes me that ipmon was
> *not* written in the "sysv style" but as a tool that admins were
> expected to use from the command line that *later* had the "daemon"
> functionality added to it.

What's the point of doing temporary monitoring of filter actions?

Yes you might want to ignore them most times, but surely you'd simply
drop the "log" keyword from the rules if that were the case, no?

I'm sure Darren can confirm his original idea of how "ipmon" would be
invoked and used....  I know I've suggested the SysV idea before and
he's not denied it, but neither did he reply to the messages in which I
made the suggestion.

> actually, this all seems to stem from a problem with some old
> documentation somewhere...

'-D' was added to ipmon somewhere between 3.2.3 and 3.2.4, and thus
first in NetBSD-1.4 (and in NetBSD-1.3.3) -- confusion surrounding its
use has been long standing.

-- 
								Greg A. Woods

+1 416 218-0098;  <gwoods@acm.org>;  <g.a.woods@ieee.org>;  <woods@robohack.ca>
Planix, Inc. <woods@planix.com>; VE3TCP; Secrets of the Weird <woods@weird.com>