It doesn't mention this but you then need to restart the configd service for it to pick up the new action - this can be done by service configd restart or restarting the configd service in the webgui from System -> Diagnostics -> Services - until you do this it gives an error "Action not allowed or missing" is displayed in the webgui when using Start/restart
The service still doesn't start as the action tries to call service defguard [start/stop/restart/status] as seen in opnsense/src/opnsense/service/conf/actions.d/actions_defguardgateway.conf however the service is called defguard-gateway not defguard (the following error is returned: "defguard does not exist in /etc/rc.d or the local startup directories (/usr/local/etc/rc.d), or is not executable")
Starting the service manually using service defguard-gateway start still doesn't work (the following error is returned: "export: -gateway_env: bad variable name")
Starting the binary manually (/usr/local/sbin/defguard-gateway --config /etc/defguard/gateway.toml) appears to work, but the webgui still doesn't appear to work
If the Use WireGuard userspace kernel implementation is enabled the binary refuses to start with the error Error: WireguardError(ExecutableNotFound("wireguard-go")). To the best of my knowledge the userspace wireguard binary was removed from OPNsense a while ago and cannot be installed from the official plugin repo.
The defguard portion of the webgui always shows a Endpoint not found warning - the developer console shows a (failed) attempt to send an http POST to /api/defguardgateway/service/status that returns a 404 with the body {"errorMessage":"Endpoint not found"}
It is unclear to me if I should be setting up a new wireguard interface for defguard to hook in to and use or if defguard should be spinning up it's own wireguard interface. I have wg1 and wg2 existing already. Specifying wg0 (a non-existant interface) for the Network interface produces the error Interface configuration failed: WireGuard error BSD error: Write error ENXIO: No such device or address in syslog. Specifying wg1 (an already existing wireguard interface) gives the error: Couldn't create network interface wg2: BSD error: Write error EEXIST: File exists. Proceeding anyway.
For reference this is what running sh -x /etc/rc.d/defguard-gateway start results in:
So far I've been unable to get the defguard plugin working in OPNsense 24.7.3
I've been unable to find what versions are supported, but these are some of my notes from debugging:
Followed the instructions at https://defguard.gitbook.io/defguard/admin-and-features/setting-up-your-instance/gateway#opnsense-plugin
configdservice for it to pick up the new action - this can be done byservice configd restartor restarting theconfigdservice in the webgui fromSystem -> Diagnostics -> Services- until you do this it gives an error "Action not allowed or missing" is displayed in the webgui when usingStart/restartservice defguard [start/stop/restart/status]as seen in opnsense/src/opnsense/service/conf/actions.d/actions_defguardgateway.conf however the service is calleddefguard-gatewaynotdefguard(the following error is returned: "defguard does not exist in /etc/rc.d or the local startup directories (/usr/local/etc/rc.d), or is not executable")service defguard-gateway startstill doesn't work (the following error is returned: "export: -gateway_env: bad variable name")/usr/local/sbin/defguard-gateway --config /etc/defguard/gateway.toml) appears to work, but the webgui still doesn't appear to workUse WireGuard userspace kernel implementationis enabled the binary refuses to start with the errorError: WireguardError(ExecutableNotFound("wireguard-go")). To the best of my knowledge the userspace wireguard binary was removed from OPNsense a while ago and cannot be installed from the official plugin repo.Endpoint not foundwarning - the developer console shows a (failed) attempt to send an http POST to/api/defguardgateway/service/statusthat returns a 404 with the body{"errorMessage":"Endpoint not found"}wg1andwg2existing already. Specifyingwg0(a non-existant interface) for theNetwork interfaceproduces the errorInterface configuration failed: WireGuard error BSD error: Write error ENXIO: No such device or addressin syslog. Specifyingwg1(an already existing wireguard interface) gives the error:Couldn't create network interface wg2: BSD error: Write error EEXIST: File exists. Proceeding anyway.For reference this is what running
sh -x /etc/rc.d/defguard-gateway startresults in:Collapsed for brevity:
``` + . /etc/rc.subr + : 5937 + export RC_PID + [ -n '' ] + _rc_subr_loaded=YES + SYSCTL=/sbin/sysctl + SYSCTL_N='/sbin/sysctl -n' + SYSCTL_W=/sbin/sysctl + PROTECT=/usr/bin/protect + ID=/usr/bin/id + IDCMD='if [ -x /usr/bin/id ]; then /usr/bin/id -un; fi' + PS='/bin/ps -ww' + JID=0 + CPUSET=/bin/cpuset + rc_service=defguard-gateway + _rc_namevarlist='program chroot chdir env flags fib nice user group groups prepend setup' + kenv -q rc.debug + command -v boottrace + boottrace_cmd=/usr/sbin/boottrace + [ -n /usr/sbin/boottrace ] + /sbin/sysctl -n -q kern.boottrace.enabled + [ 0 '=' 1 ] + name=defguard-gateway + rcvar=defguard_gateway_enable + command=/usr/local/sbin/defguard-gateway + config=/etc/defguard/gateway.toml + start_cmd=defguard-gateway_start + load_rc_config defguard-gateway + local _name _rcvar_val _var _defval _v _msg _new _d + _name=defguard-gateway + false + [ -r /etc/defaults/rc.conf ] + debug 'Sourcing /etc/defaults/rc.conf' + . /etc/defaults/rc.conf + : /usr/local + rc_info=NO + rc_startmsgs=YES + rcshutdown_timeout=90 + early_late_divider=FILESYSTEMS + always_force_depends=NO + apm_enable=NO + apmd_enable=NO + apmd_flags='' + ddb_enable=NO + ddb_config=/etc/ddb.conf + devd_enable=YES + devd_flags='' + devmatch_enable=YES + devmatch_blocklist='' + kldxref_enable=YES + kldxref_clobber=NO + kldxref_module_path='' + powerd_enable=NO + powerd_flags='' + tmpmfs=AUTO + tmpsize=20m + tmpmfs_flags=-S + utx_enable=YES + varmfs=AUTO + varsize=32m + varmfs_flags=-S + mfs_type=auto + populate_var=AUTO + cleanvar_enable=YES + var_run_enable=NO + var_run_autosave=NO + var_run_mtree=/var/db/mtree/BSD.var-run.mtree + local_startup=/usr/local/etc/rc.d + script_name_sep=' ' + rc_conf_files='/etc/rc.conf /etc/rc.conf.local' + zfs_enable=NO + zfskeys_enable=NO + zfs_bootonce_activate=NO + zpool_reguid='' + zpool_upgrade='' + zfsd_enable=NO + gptboot_enable=YES + gbde_autoattach_all=NO + gbde_devices=NO + gbde_attach_attempts=3 + gbde_lockdir=/etc + geli_devices='' + geli_groups='' + geli_tries='' + geli_default_flags='' + geli_autodetach=YES + root_rw_mount=YES + root_hold_delay=30 + fsck_flags=-p + fsck_y_enable=NO + fsck_y_flags='-T ffs:-R -T ufs:-R' + background_fsck=YES + background_fsck_delay=60 + growfs_enable=NO + growfs_swap_size='' + netfs_types='nfs:NFS smbfs:SMB' + extra_netfs_types=NO + hostname='' + hostid_enable=YES + hostid_file=/etc/hostid + hostid_uuidgen_flags=-r + machine_id_file=/etc/machine-id + nisdomainname=NO + dhclient_program=/sbin/dhclient + dhclient_flags='' + background_dhclient=NO + synchronous_dhclient=NO + defaultroute_delay=30 + defaultroute_carrier_delay=5 + netif_enable=YES + netif_ipexpand_max=2048 + wpa_supplicant_program=/usr/sbin/wpa_supplicant + wpa_supplicant_flags=-s + wpa_supplicant_conf_file=/etc/wpa_supplicant.conf + firewall_enable=NO + firewall_script=/etc/rc.firewall + firewall_type=UNKNOWN + firewall_quiet=NO + firewall_logging=NO + firewall_logif=NO + firewall_flags='' + firewall_coscripts='' + firewall_client_net=x.x.x.x/x + firewall_simple_iif=em1 + firewall_simple_inet=x.x.x.x/x + firewall_simple_oif=em0 + firewall_simple_onet=x.x.x.x/x + firewall_myservices='' + firewall_allowservices='' + firewall_trusted='' + firewall_logdeny=NO + firewall_nologports='135-139,445 1026,1027 1433,1434' + firewall_nat_enable=NO + firewall_nat_interface='' + firewall_nat_flags='' + firewall_nat64_enable=NO + firewall_nptv6_enable=NO + firewall_pmod_enable=NO + dummynet_enable=NO + ipfw_netflow_enable=NO + ip_portrange_first=NO + ip_portrange_last=NO + ike_enable=NO + ike_program=/usr/local/sbin/isakmpd + ike_flags='' + ipsec_enable=NO + ipsec_file=/etc/ipsec.conf + natd_program=/sbin/natd + natd_enable=NO + natd_interface='' + natd_flags='' + ipfilter_enable=NO + ipfilter_program=/sbin/ipf + ipfilter_rules=/etc/ipf.rules + ipfilter_flags='' + ippool_enable=NO + ippool_program=/sbin/ippool + ippool_rules=/etc/ippool.tables + ippool_flags='' + ipnat_enable=NO + ipnat_program=/sbin/ipnat + ipnat_rules=/etc/ipnat.rules + ipnat_flags='' + ipmon_enable=NO + ipmon_program=/sbin/ipmon + ipmon_flags=-Ds + ipfs_enable=NO + ipfs_program=/sbin/ipfs + ipfs_flags='' + pf_enable=NO + pf_rules=/etc/pf.conf + pf_program=/sbin/pfctl + pf_flags='' + pf_fallback_rules_enable=NO + pf_fallback_rules='block drop log all' + pf_fallback_rules_file=/etc/pf-fallback.conf + pflog_enable=NO + pflog_logfile=/var/log/pflog + pflog_program=/sbin/pflogd + pflog_flags='' + dnctl_enable=NO + dnctl_program=/sbin/dnctl + dnctl_rules=/etc/dnctl.conf + ftpproxy_enable=NO + ftpproxy_flags='' + pfsync_enable=NO + pfsync_syncdev='' + pfsync_syncpeer='' + pfsync_ifconfig='' + tcp_extensions=YES + log_in_vain=0 + tcp_keepalive=YES + tcp_drop_synfin=NO + icmp_drop_redirect=auto + icmp_log_redirect=NO + network_interfaces=auto + cloned_interfaces='' + ppp_enable=NO + ppp_program=/usr/sbin/ppp + ppp_mode=auto + ppp_nat=YES + ppp_profile=papchap + ppp_user=root + hostapd_program=/usr/sbin/hostapd + hostapd_enable=NO + syslogd_enable=YES + syslogd_program=/usr/sbin/syslogd + syslogd_flags=-s + syslogd_oomprotect=YES + altlog_proglist='' + inetd_enable=NO + inetd_program=/usr/sbin/inetd + inetd_flags='-wW -C 60' + iscsid_enable=NO + iscsictl_enable=NO + iscsictl_flags=-Aa + hastd_enable=NO + hastd_program=/sbin/hastd + hastd_flags='' + ggated_enable=NO + ggated_config=/etc/gg.exports + ggated_flags='' + ctld_enable=NO + local_unbound_enable=NO + local_unbound_tls=NO + blacklistd_enable=NO + blacklistd_flags='' + resolv_enable=YES + kdc_enable=NO + kdc_program=/usr/libexec/kdc + kdc_flags='' + kdc_restart=NO + kdc_restart_delay='' + kadmind_enable=NO + kadmind_program=/usr/libexec/kadmind + kpasswdd_enable=NO + kpasswdd_program=/usr/libexec/kpasswdd + kfd_enable=NO + kfd_program=/usr/libexec/kfd + kfd_flags='' + ipropd_master_enable=NO + ipropd_master_program=/usr/libexec/ipropd-master + ipropd_master_flags='' + ipropd_master_keytab=/etc/krb5.keytab + ipropd_master_slaves='' + ipropd_slave_enable=NO + ipropd_slave_program=/usr/libexec/ipropd-slave + ipropd_slave_flags='' + ipropd_slave_keytab=/etc/krb5.keytab + ipropd_slave_master='' + gssd_enable=NO + gssd_program=/usr/sbin/gssd + gssd_flags='' + rwhod_enable=NO + rwhod_flags='' + rarpd_enable=NO + rarpd_flags=-a + bootparamd_enable=NO + bootparamd_flags='' + pppoed_enable=NO + pppoed_provider='*' + pppoed_flags='-P /var/run/pppoed.pid' + pppoed_interface=em0 + sshd_enable=NO + sshd_program=/usr/sbin/sshd + sshd_flags='' + ftpd_enable=NO + ftpd_program=/usr/libexec/ftpd + ftpd_flags='' + autofs_enable=NO + automount_flags='' + automountd_flags='' + autounmountd_flags='' + nfs_client_enable=NO + nfs_access_cache=60 + nfs_server_enable=NO + nfs_server_flags='-u -t' + nfs_server_managegids=NO + nfs_server_maxio=131072 + mountd_enable=NO + mountd_flags='-r -S' + weak_mountd_authentication=NO + nfs_reserved_port_only=NO + nfs_bufpackets='' + rpc_lockd_enable=NO + rpc_lockd_flags='' + rpc_statd_enable=NO + rpc_statd_flags='' + rpcbind_enable=NO + rpcbind_program=/usr/sbin/rpcbind + rpcbind_flags='' + rpc_ypupdated_enable=NO + keyserv_enable=NO + keyserv_flags='' + nfsv4_server_enable=NO + nfsv4_server_only=NO + nfscbd_enable=NO + nfscbd_flags='' + nfsuserd_enable=NO + nfsuserd_flags='' + tlsclntd_enable=NO + tlsclntd_flags='' + tlsservd_enable=NO + tlsservd_flags='' + ntpdate_enable=NO + ntpdate_program=/usr/sbin/ntpdate + ntpdate_flags=-b + ntpdate_config=/etc/ntp.conf + ntpdate_hosts='' + ntpd_enable=NO + ntpd_program=/usr/sbin/ntpd + ntpd_config=/etc/ntp.conf + ntpd_sync_on_start=NO + ntpd_flags='' + ntp_src_leapfile=/etc/ntp/leap-seconds + ntp_db_leapfile=/var/db/ntpd.leap-seconds.list + ntp_leapfile_sources=https://hpiers.obspm.fr/iers/bul/bulc/ntp/leap-seconds.list + ntp_leapfile_fetch_opts=-mq + ntp_leapfile_expiry_days=30 + ntp_leapfile_fetch_verbose=NO + nis_client_enable=NO + nis_client_flags='' + nis_ypset_enable=NO + nis_ypset_flags='' + nis_server_enable=NO + nis_server_flags='' + nis_ypxfrd_enable=NO + nis_ypxfrd_flags='' + nis_yppasswdd_enable=NO + nis_yppasswdd_flags='' + nis_ypldap_enable=NO + nis_ypldap_flags='' + bsnmpd_enable=NO + bsnmpd_flags='' + defaultrouter=NO + static_arp_pairs='' + static_ndp_pairs='' + static_routes='' + gateway_enable=NO + routed_enable=NO + routed_program=/sbin/routed + routed_flags=-q + arpproxy_all=NO + forward_sourceroute=NO + accept_sourceroute=NO + hcsecd_enable=NO + hcsecd_config=/etc/bluetooth/hcsecd.conf + sdpd_enable=NO + sdpd_control=/var/run/sdp + sdpd_groupname=nobody + sdpd_username=nobody + bthidd_enable=NO + bthidd_config=/etc/bluetooth/bthidd.conf + bthidd_hids=/var/db/bthidd.hids + bthidd_evdev_support=AUTO + rfcomm_pppd_server_enable=NO + rfcomm_pppd_server_profile='one two' + rfcomm_pppd_server_one_channel=1 + rfcomm_pppd_server_two_channel=3 + ubthidhci_enable=NO + netwait_enable=NO + netwait_timeout=60 + netwait_if_timeout=30 + icmp_bmcastecho=NO + ipv6_network_interfaces=auto + ipv6_activate_all_interfaces=NO + ipv6_defaultrouter=NO + ipv6_static_routes='' + ipv6_gateway_enable=NO + ipv6_cpe_wanif=NO + ipv6_privacy=NO + route6d_enable=NO + route6d_program=/usr/sbin/route6d + route6d_flags='' + ipv6_default_interface=NO + rtsol_flags=-i + rtsold_enable=NO + rtsold_flags='-a -i' + rtadvd_enable=NO + rtadvd_interfaces='' + stf_interface_ipv4addr='' + stf_interface_ipv4plen=0 + stf_interface_ipv6_ifid=0:0:0:1 + stf_interface_ipv6_slaid=0000 + ipv6_ipv4mapping=NO + ip6addrctl_enable=YES + ip6addrctl_verbose=NO + ip6addrctl_policy=AUTO + keyboard='' + keymap=NO + keyrate=NO + keybell=NO + keychange=NO + cursor=NO + scrnmap=NO + font8x16=NO + font8x14=NO + font8x8=NO + blanktime=300 + saver=NO + moused_nondefault_enable=YES + moused_enable=NO + moused_type=auto + moused_port=/dev/psm0 + moused_flags='' + mousechar_start=NO + allscreens_flags='' + allscreens_kbdflags='' + sendmail_enable=NONE + sendmail_pidfile=/var/run/sendmail.pid + sendmail_procname=/usr/sbin/sendmail + sendmail_flags='-L sm-mta -bd -q30m' + sendmail_cert_create=YES + sendmail_submit_enable=YES + sendmail_submit_flags='-L sm-mta -bd -q30m -ODaemonPortOptions=Addr=localhost' + sendmail_outbound_enable=YES + sendmail_outbound_flags='-L sm-queue -q30m' + sendmail_msp_queue_enable=YES + sendmail_msp_queue_flags='-L sm-msp-queue -Ac -q30m' + sendmail_rebuild_aliases=NO + auditd_enable=NO + auditd_program=/usr/sbin/auditd + auditd_flags='' + auditdistd_enable=NO + auditdistd_program=/usr/sbin/auditdistd + auditdistd_flags='' + cron_enable=YES + cron_program=/usr/sbin/cron + cron_dst=YES + cron_flags='' + cfumass_enable=NO + cfumass_dir=/var/cfumass + cfumass_image=/var/tmp/cfumass.img + lpd_enable=NO + lpd_program=/usr/sbin/lpd + lpd_flags='' + nscd_enable=NO + chkprintcap_enable=NO + chkprintcap_flags=-d + dumpdev=NO + dumpon_flags='' + dumpdir=/var/crash + savecore_enable=YES + savecore_flags='-m 10' + service_delete_empty=NO + crashinfo_enable=YES + crashinfo_program=/usr/sbin/crashinfo + quota_enable=NO + check_quotas=YES + quotaon_flags=-a + quotaoff_flags=-a + quotacheck_flags=-a + accounting_enable=NO + firstboot_sentinel=/firstboot + sysvipc_enable=NO + linux_enable=NO + linux_mounts_enable=YES + clear_tmp_enable=NO + clear_tmp_X=YES + ldconfig_insecure=NO + ldconfig_paths='/usr/lib/compat /usr/local/lib /usr/local/lib/compat/pkg' + ldconfig32_paths='/usr/lib32 /usr/lib32/compat' + ldconfig_local_dirs=/usr/local/libdata/ldconfig + ldconfig_local32_dirs=/usr/local/libdata/ldconfig32 + kern_securelevel_enable=NO + kern_securelevel=-1 + update_motd=YES + entropy_boot_file=/boot/entropy + entropy_file=/entropy + entropy_dir=/var/db/entropy + entropy_save_sz=4096 + entropy_save_num=8 + harvest_mask=511 + osrelease_enable=YES + osrelease_file=/var/run/os-release + osrelease_perms=444 + dmesg_enable=YES + watchdogd_enable=NO + watchdogd_flags='' + watchdogd_timeout='' + watchdogd_shutdown_timeout='' + devfs_rulesets='/etc/defaults/devfs.rules /etc/devfs.rules' + devfs_system_ruleset='' + devfs_set_rulesets='' + devfs_load_rulesets=YES + performance_cx_lowest=NONE + performance_cpu_freq=NONE + economy_cx_lowest=Cmax + economy_cpu_freq=NONE + virecover_enable=YES + ugidfw_enable=NO + bsdextended_script=/etc/rc.bsdextended + newsyslog_enable=YES + newsyslog_flags=-CN + mixer_enable=YES + opensm_enable=NO + nuageinit_enable=NO + rctl_enable=YES + rctl_rules=/etc/rctl.conf + iovctl_files='' + jail_enable=NO + jail_conf=/etc/jail.conf + jail_confwarn=YES + jail_parallel_start=NO + jail_list='' + jail_reverse_stop=NO + [ -z '' ] + source_rc_confs_defined=yes + [ -r /etc/defaults/vendor.conf ] + source_rc_confs + local i sourced_files + sourced_files=:/etc/rc.conf: + [ -r /etc/rc.conf ] + . /etc/rc.conf + keymap=uk.kbd + sourced_files=:/etc/rc.conf::/etc/rc.conf.local: + [ -r /etc/rc.conf.local ] + _rc_conf_loaded=true + [ -n defguard-gateway ] + _d=/etc + [ -f /etc/rc.conf.d/defguard-gateway ] + debug 'Sourcing /etc/rc.conf.d/defguard-gateway' + . /etc/rc.conf.d/defguard-gateway + defguard_gateway_enable=YES + _d=/usr/local/etc + [ -f /usr/local/etc/rc.conf.d/defguard-gateway ] + [ -d /usr/local/etc/rc.conf.d/defguard-gateway ] + eval '_defval=$defguard_gateway_enable_defval' + _defval='' + [ -n '' ] + run_rc_command start + _return=0 + rc_arg=start + [ -z defguard-gateway ] + shift 1 + rc_extra_args='' + _rc_prefix='' + eval '_override_command=$defguard-gateway_program' + _override_command=-gateway_program + command=-gateway_program + _keywords='start stop restart rcvar enable disable delete enabled describe extracommands ' + rc_pid='' + _pidcmd='' + _procname=-gateway_program + eval '_cpuset=$defguard-gateway_cpuset' + _cpuset=-gateway_cpuset + _cpuset='' + _cpusetcmd='' + [ -n '' ] + [ -n -gateway_program ] + [ -n '' ] + _pidcmd='rc_pid=$(check_process -gateway_program )' + _keywords='start stop restart rcvar enable disable delete enabled describe extracommands status poll' + [ -z start ] + [ start '=' enabled ] + [ -n '' ] + eval 'rc_flags=$defguard-gateway_flags' + rc_flags=-gateway_flags + eval '_chdir=$defguard-gateway_chdir' '_chroot=$defguard-gateway_chroot' '_nice=$defguard-gateway_nice' '_user=$defguard-gateway_user' '_group=$defguard-gateway_group' '_groups=$defguard-gateway_groups' '_fib=$defguard-gateway_fib' '_env=$defguard-gateway_env' '_prepend=$defguard-gateway_prepend' '_login_class=${defguard-gateway_login_class:-daemon}' '_limits=$defguard-gateway_limits' '_oomprotect=$defguard-gateway_oomprotect' '_setup=$defguard-gateway_setup' '_env_file=$defguard-gateway_env_file' '_umask=$defguard-gateway_umask' + _chdir=-gateway_chdir _chroot=-gateway_chroot _nice=-gateway_nice _user=-gateway_user _group=-gateway_group _groups=-gateway_groups _fib=-gateway_fib _env=-gateway_env _prepend=-gateway_prepend _login_class=gateway_login_class:-daemon _limits=-gateway_limits _oomprotect=-gateway_oomprotect _setup=-gateway_setup _env_file=-gateway_env_file _umask=-gateway_umask + [ -n -gateway_env_file ] + [ -r -gateway_env_file ] + [ -n -gateway_user ] + eval if [ -x /usr/bin/id '];' then /usr/bin/id '-un;' fi + [ -x /usr/bin/id ] + /usr/bin/id -un + [ -gateway_user '=' root ] + [ -z '' ] + eval 'rc_pid=$(check_process' -gateway_program ')' + check_process -gateway_program + _procname=-gateway_program + _interpreter='' + [ -z -gateway_program ] + _find_processes -gateway_program . -ax + [ 3 -ne 3 ] + _procname=-gateway_program + _interpreter=. + _psargs=-ax + _pref='' + [ . '!=' . ] + _procnamebn=-gateway_program + _fp_args='_arg0 _argv' + _fp_match=$'case "$_arg0" in \t\t $_procname|$_procnamebn|${_procnamebn}:|"(${_procnamebn})"|"[${_procnamebn}]")' + _proccheck=$'\t\t/bin/ps -ww 2>/dev/null -o pid= -o jid= -o command= -ax | \t\twhile read _npid _jid _arg0 _argv; do \t\t\tcase "$_arg0" in \t\t $_procname|$_procnamebn|${_procnamebn}:|"(${_procnamebn})"|"[${_procnamebn}]") \t\t\t\tif [ "$JID" -eq "$_jid" ]; \t\t\t\tthen echo -n "$_pref$_npid"; \t\t\t\t_pref=" "; \t\t\t\tfi \t\t\t\t;; \t\t\tesac \t\tdone' + eval /bin/ps -ww '2>/dev/null' -o 'pid=' -o 'jid=' -o 'command=' -ax '|' while read _npid _jid _arg0 '_argv;' do case '"$_arg0"' in '$_procname|$_procnamebn|${_procnamebn}:|"(${_procnamebn})"|"[${_procnamebn}]")' if [ '"$JID"' -eq '"$_jid"' '];' then echo -n '"$_pref$_npid";' '_pref="' '";' fi ';;' esac done + /bin/ps -ww -o 'pid=' -o 'jid=' -o 'command=' -ax + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + read _npid _jid _arg0 _argv + rc_pid='' + [ start '!=' start ] + [ -n defguard_gateway_enable -a start '!=' rcvar -a start '!=' stop -a start '!=' delete -a start '!=' enable -a start '!=' describe -a start '!=' status ] + checkyesno defguard_gateway_enable + eval '_value=$defguard_gateway_enable' + _value=YES + debug 'checkyesno: defguard_gateway_enable is set to YES.' + return 0 + [ start '=' start -a -z '' -a -n '' ] + eval '_cmd=$start_cmd' '_precmd=$start_precmd' '_postcmd=$start_postcmd' + _cmd=defguard-gateway_start _precmd='' _postcmd='' + [ -n defguard-gateway_start ] + [ -n -gateway_env ] + eval 'export -- -gateway_env' + export -- -gateway_env export: -gateway_env: bad variable name ```