OPNsense action calls defguard but service is named defguard-gateway (and various other OPNsense issues)

[syserr0r]

So far I've been unable to get the defguard plugin working in OPNsense 24.7.3

I've been unable to find what versions are supported, but these are some of my notes from debugging:

Followed the instructions at https://defguard.gitbook.io/defguard/admin-and-features/setting-up-your-instance/gateway#opnsense-plugin

• It doesn't mention this but you then need to restart the configd service for it to pick up the new action - this can be done by service configd restart or restarting the configd service in the webgui from System -> Diagnostics -> Services - until you do this it gives an error "Action not allowed or missing" is displayed in the webgui when using Start/restart
• The service still doesn't start as the action tries to call service defguard [start/stop/restart/status] as seen in opnsense/src/opnsense/service/conf/actions.d/actions_defguardgateway.conf however the service is called defguard-gateway not defguard (the following error is returned: "defguard does not exist in /etc/rc.d or the local startup directories (/usr/local/etc/rc.d), or is not executable")
• Starting the service manually using service defguard-gateway start still doesn't work (the following error is returned: "export: -gateway_env: bad variable name")
• Starting the binary manually (/usr/local/sbin/defguard-gateway --config /etc/defguard/gateway.toml) appears to work, but the webgui still doesn't appear to work
• If the Use WireGuard userspace kernel implementation is enabled the binary refuses to start with the error Error: WireguardError(ExecutableNotFound("wireguard-go")). To the best of my knowledge the userspace wireguard binary was removed from OPNsense a while ago and cannot be installed from the official plugin repo.
• The defguard portion of the webgui always shows a Endpoint not found warning - the developer console shows a (failed) attempt to send an http POST to /api/defguardgateway/service/status that returns a 404 with the body {"errorMessage":"Endpoint not found"}
• It is unclear to me if I should be setting up a new wireguard interface for defguard to hook in to and use or if defguard should be spinning up it's own wireguard interface. I have wg1 and wg2 existing already. Specifying wg0 (a non-existant interface) for the Network interface produces the error Interface configuration failed: WireGuard error BSD error: Write error ENXIO: No such device or address in syslog. Specifying wg1 (an already existing wireguard interface) gives the error: Couldn't create network interface wg2: BSD error: Write error EEXIST: File exists. Proceeding anyway.

For reference this is what running sh -x /etc/rc.d/defguard-gateway start results in:

Collapsed for brevity:

+ . /etc/rc.subr
+ : 5937
+ export RC_PID
+ [ -n '' ]
+ _rc_subr_loaded=YES
+ SYSCTL=/sbin/sysctl
+ SYSCTL_N='/sbin/sysctl -n'
+ SYSCTL_W=/sbin/sysctl
+ PROTECT=/usr/bin/protect
+ ID=/usr/bin/id
+ IDCMD='if [ -x /usr/bin/id ]; then /usr/bin/id -un; fi'
+ PS='/bin/ps -ww'
+ JID=0
+ CPUSET=/bin/cpuset
+ rc_service=defguard-gateway
+ _rc_namevarlist='program chroot chdir env flags fib nice user group groups prepend setup'
+ kenv -q rc.debug
+ command -v boottrace
+ boottrace_cmd=/usr/sbin/boottrace
+ [ -n /usr/sbin/boottrace ]
+ /sbin/sysctl -n -q kern.boottrace.enabled
+ [ 0 '=' 1 ]
+ name=defguard-gateway
+ rcvar=defguard_gateway_enable
+ command=/usr/local/sbin/defguard-gateway
+ config=/etc/defguard/gateway.toml
+ start_cmd=defguard-gateway_start
+ load_rc_config defguard-gateway
+ local _name _rcvar_val _var _defval _v _msg _new _d
+ _name=defguard-gateway
+ false
+ [ -r /etc/defaults/rc.conf ]
+ debug 'Sourcing /etc/defaults/rc.conf'
+ . /etc/defaults/rc.conf
+ : /usr/local
+ rc_info=NO
+ rc_startmsgs=YES
+ rcshutdown_timeout=90
+ early_late_divider=FILESYSTEMS
+ always_force_depends=NO
+ apm_enable=NO
+ apmd_enable=NO
+ apmd_flags=''
+ ddb_enable=NO
+ ddb_config=/etc/ddb.conf
+ devd_enable=YES
+ devd_flags=''
+ devmatch_enable=YES
+ devmatch_blocklist=''
+ kldxref_enable=YES
+ kldxref_clobber=NO
+ kldxref_module_path=''
+ powerd_enable=NO
+ powerd_flags=''
+ tmpmfs=AUTO
+ tmpsize=20m
+ tmpmfs_flags=-S
+ utx_enable=YES
+ varmfs=AUTO
+ varsize=32m
+ varmfs_flags=-S
+ mfs_type=auto
+ populate_var=AUTO
+ cleanvar_enable=YES
+ var_run_enable=NO
+ var_run_autosave=NO
+ var_run_mtree=/var/db/mtree/BSD.var-run.mtree
+ local_startup=/usr/local/etc/rc.d
+ script_name_sep=' '
+ rc_conf_files='/etc/rc.conf /etc/rc.conf.local'
+ zfs_enable=NO
+ zfskeys_enable=NO
+ zfs_bootonce_activate=NO
+ zpool_reguid=''
+ zpool_upgrade=''
+ zfsd_enable=NO
+ gptboot_enable=YES
+ gbde_autoattach_all=NO
+ gbde_devices=NO
+ gbde_attach_attempts=3
+ gbde_lockdir=/etc
+ geli_devices=''
+ geli_groups=''
+ geli_tries=''
+ geli_default_flags=''
+ geli_autodetach=YES
+ root_rw_mount=YES
+ root_hold_delay=30
+ fsck_flags=-p
+ fsck_y_enable=NO
+ fsck_y_flags='-T ffs:-R -T ufs:-R'
+ background_fsck=YES
+ background_fsck_delay=60
+ growfs_enable=NO
+ growfs_swap_size=''
+ netfs_types='nfs:NFS smbfs:SMB'
+ extra_netfs_types=NO
+ hostname=''
+ hostid_enable=YES
+ hostid_file=/etc/hostid
+ hostid_uuidgen_flags=-r
+ machine_id_file=/etc/machine-id
+ nisdomainname=NO
+ dhclient_program=/sbin/dhclient
+ dhclient_flags=''
+ background_dhclient=NO
+ synchronous_dhclient=NO
+ defaultroute_delay=30
+ defaultroute_carrier_delay=5
+ netif_enable=YES
+ netif_ipexpand_max=2048
+ wpa_supplicant_program=/usr/sbin/wpa_supplicant
+ wpa_supplicant_flags=-s
+ wpa_supplicant_conf_file=/etc/wpa_supplicant.conf
+ firewall_enable=NO
+ firewall_script=/etc/rc.firewall
+ firewall_type=UNKNOWN
+ firewall_quiet=NO
+ firewall_logging=NO
+ firewall_logif=NO
+ firewall_flags=''
+ firewall_coscripts=''
+ firewall_client_net=x.x.x.x/x
+ firewall_simple_iif=em1
+ firewall_simple_inet=x.x.x.x/x
+ firewall_simple_oif=em0
+ firewall_simple_onet=x.x.x.x/x
+ firewall_myservices=''
+ firewall_allowservices=''
+ firewall_trusted=''
+ firewall_logdeny=NO
+ firewall_nologports='135-139,445 1026,1027 1433,1434'
+ firewall_nat_enable=NO
+ firewall_nat_interface=''
+ firewall_nat_flags=''
+ firewall_nat64_enable=NO
+ firewall_nptv6_enable=NO
+ firewall_pmod_enable=NO
+ dummynet_enable=NO
+ ipfw_netflow_enable=NO
+ ip_portrange_first=NO
+ ip_portrange_last=NO
+ ike_enable=NO
+ ike_program=/usr/local/sbin/isakmpd
+ ike_flags=''
+ ipsec_enable=NO
+ ipsec_file=/etc/ipsec.conf
+ natd_program=/sbin/natd
+ natd_enable=NO
+ natd_interface=''
+ natd_flags=''
+ ipfilter_enable=NO
+ ipfilter_program=/sbin/ipf
+ ipfilter_rules=/etc/ipf.rules
+ ipfilter_flags=''
+ ippool_enable=NO
+ ippool_program=/sbin/ippool
+ ippool_rules=/etc/ippool.tables
+ ippool_flags=''
+ ipnat_enable=NO
+ ipnat_program=/sbin/ipnat
+ ipnat_rules=/etc/ipnat.rules
+ ipnat_flags=''
+ ipmon_enable=NO
+ ipmon_program=/sbin/ipmon
+ ipmon_flags=-Ds
+ ipfs_enable=NO
+ ipfs_program=/sbin/ipfs
+ ipfs_flags=''
+ pf_enable=NO
+ pf_rules=/etc/pf.conf
+ pf_program=/sbin/pfctl
+ pf_flags=''
+ pf_fallback_rules_enable=NO
+ pf_fallback_rules='block drop log all'
+ pf_fallback_rules_file=/etc/pf-fallback.conf
+ pflog_enable=NO
+ pflog_logfile=/var/log/pflog
+ pflog_program=/sbin/pflogd
+ pflog_flags=''
+ dnctl_enable=NO
+ dnctl_program=/sbin/dnctl
+ dnctl_rules=/etc/dnctl.conf
+ ftpproxy_enable=NO
+ ftpproxy_flags=''
+ pfsync_enable=NO
+ pfsync_syncdev=''
+ pfsync_syncpeer=''
+ pfsync_ifconfig=''
+ tcp_extensions=YES
+ log_in_vain=0
+ tcp_keepalive=YES
+ tcp_drop_synfin=NO
+ icmp_drop_redirect=auto
+ icmp_log_redirect=NO
+ network_interfaces=auto
+ cloned_interfaces=''
+ ppp_enable=NO
+ ppp_program=/usr/sbin/ppp
+ ppp_mode=auto
+ ppp_nat=YES
+ ppp_profile=papchap
+ ppp_user=root
+ hostapd_program=/usr/sbin/hostapd
+ hostapd_enable=NO
+ syslogd_enable=YES
+ syslogd_program=/usr/sbin/syslogd
+ syslogd_flags=-s
+ syslogd_oomprotect=YES
+ altlog_proglist=''
+ inetd_enable=NO
+ inetd_program=/usr/sbin/inetd
+ inetd_flags='-wW -C 60'
+ iscsid_enable=NO
+ iscsictl_enable=NO
+ iscsictl_flags=-Aa
+ hastd_enable=NO
+ hastd_program=/sbin/hastd
+ hastd_flags=''
+ ggated_enable=NO
+ ggated_config=/etc/gg.exports
+ ggated_flags=''
+ ctld_enable=NO
+ local_unbound_enable=NO
+ local_unbound_tls=NO
+ blacklistd_enable=NO
+ blacklistd_flags=''
+ resolv_enable=YES
+ kdc_enable=NO
+ kdc_program=/usr/libexec/kdc
+ kdc_flags=''
+ kdc_restart=NO
+ kdc_restart_delay=''
+ kadmind_enable=NO
+ kadmind_program=/usr/libexec/kadmind
+ kpasswdd_enable=NO
+ kpasswdd_program=/usr/libexec/kpasswdd
+ kfd_enable=NO
+ kfd_program=/usr/libexec/kfd
+ kfd_flags=''
+ ipropd_master_enable=NO
+ ipropd_master_program=/usr/libexec/ipropd-master
+ ipropd_master_flags=''
+ ipropd_master_keytab=/etc/krb5.keytab
+ ipropd_master_slaves=''
+ ipropd_slave_enable=NO
+ ipropd_slave_program=/usr/libexec/ipropd-slave
+ ipropd_slave_flags=''
+ ipropd_slave_keytab=/etc/krb5.keytab
+ ipropd_slave_master=''
+ gssd_enable=NO
+ gssd_program=/usr/sbin/gssd
+ gssd_flags=''
+ rwhod_enable=NO
+ rwhod_flags=''
+ rarpd_enable=NO
+ rarpd_flags=-a
+ bootparamd_enable=NO
+ bootparamd_flags=''
+ pppoed_enable=NO
+ pppoed_provider='*'
+ pppoed_flags='-P /var/run/pppoed.pid'
+ pppoed_interface=em0
+ sshd_enable=NO
+ sshd_program=/usr/sbin/sshd
+ sshd_flags=''
+ ftpd_enable=NO
+ ftpd_program=/usr/libexec/ftpd
+ ftpd_flags=''
+ autofs_enable=NO
+ automount_flags=''
+ automountd_flags=''
+ autounmountd_flags=''
+ nfs_client_enable=NO
+ nfs_access_cache=60
+ nfs_server_enable=NO
+ nfs_server_flags='-u -t'
+ nfs_server_managegids=NO
+ nfs_server_maxio=131072
+ mountd_enable=NO
+ mountd_flags='-r -S'
+ weak_mountd_authentication=NO
+ nfs_reserved_port_only=NO
+ nfs_bufpackets=''
+ rpc_lockd_enable=NO
+ rpc_lockd_flags=''
+ rpc_statd_enable=NO
+ rpc_statd_flags=''
+ rpcbind_enable=NO
+ rpcbind_program=/usr/sbin/rpcbind
+ rpcbind_flags=''
+ rpc_ypupdated_enable=NO
+ keyserv_enable=NO
+ keyserv_flags=''
+ nfsv4_server_enable=NO
+ nfsv4_server_only=NO
+ nfscbd_enable=NO
+ nfscbd_flags=''
+ nfsuserd_enable=NO
+ nfsuserd_flags=''
+ tlsclntd_enable=NO
+ tlsclntd_flags=''
+ tlsservd_enable=NO
+ tlsservd_flags=''
+ ntpdate_enable=NO
+ ntpdate_program=/usr/sbin/ntpdate
+ ntpdate_flags=-b
+ ntpdate_config=/etc/ntp.conf
+ ntpdate_hosts=''
+ ntpd_enable=NO
+ ntpd_program=/usr/sbin/ntpd
+ ntpd_config=/etc/ntp.conf
+ ntpd_sync_on_start=NO
+ ntpd_flags=''
+ ntp_src_leapfile=/etc/ntp/leap-seconds
+ ntp_db_leapfile=/var/db/ntpd.leap-seconds.list
+ ntp_leapfile_sources=https://hpiers.obspm.fr/iers/bul/bulc/ntp/leap-seconds.list
+ ntp_leapfile_fetch_opts=-mq
+ ntp_leapfile_expiry_days=30
+ ntp_leapfile_fetch_verbose=NO
+ nis_client_enable=NO
+ nis_client_flags=''
+ nis_ypset_enable=NO
+ nis_ypset_flags=''
+ nis_server_enable=NO
+ nis_server_flags=''
+ nis_ypxfrd_enable=NO
+ nis_ypxfrd_flags=''
+ nis_yppasswdd_enable=NO
+ nis_yppasswdd_flags=''
+ nis_ypldap_enable=NO
+ nis_ypldap_flags=''
+ bsnmpd_enable=NO
+ bsnmpd_flags=''
+ defaultrouter=NO
+ static_arp_pairs=''
+ static_ndp_pairs=''
+ static_routes=''
+ gateway_enable=NO
+ routed_enable=NO
+ routed_program=/sbin/routed
+ routed_flags=-q
+ arpproxy_all=NO
+ forward_sourceroute=NO
+ accept_sourceroute=NO
+ hcsecd_enable=NO
+ hcsecd_config=/etc/bluetooth/hcsecd.conf
+ sdpd_enable=NO
+ sdpd_control=/var/run/sdp
+ sdpd_groupname=nobody
+ sdpd_username=nobody
+ bthidd_enable=NO
+ bthidd_config=/etc/bluetooth/bthidd.conf
+ bthidd_hids=/var/db/bthidd.hids
+ bthidd_evdev_support=AUTO
+ rfcomm_pppd_server_enable=NO
+ rfcomm_pppd_server_profile='one two'
+ rfcomm_pppd_server_one_channel=1
+ rfcomm_pppd_server_two_channel=3
+ ubthidhci_enable=NO
+ netwait_enable=NO
+ netwait_timeout=60
+ netwait_if_timeout=30
+ icmp_bmcastecho=NO
+ ipv6_network_interfaces=auto
+ ipv6_activate_all_interfaces=NO
+ ipv6_defaultrouter=NO
+ ipv6_static_routes=''
+ ipv6_gateway_enable=NO
+ ipv6_cpe_wanif=NO
+ ipv6_privacy=NO
+ route6d_enable=NO
+ route6d_program=/usr/sbin/route6d
+ route6d_flags=''
+ ipv6_default_interface=NO
+ rtsol_flags=-i
+ rtsold_enable=NO
+ rtsold_flags='-a -i'
+ rtadvd_enable=NO
+ rtadvd_interfaces=''
+ stf_interface_ipv4addr=''
+ stf_interface_ipv4plen=0
+ stf_interface_ipv6_ifid=0:0:0:1
+ stf_interface_ipv6_slaid=0000
+ ipv6_ipv4mapping=NO
+ ip6addrctl_enable=YES
+ ip6addrctl_verbose=NO
+ ip6addrctl_policy=AUTO
+ keyboard=''
+ keymap=NO
+ keyrate=NO
+ keybell=NO
+ keychange=NO
+ cursor=NO
+ scrnmap=NO
+ font8x16=NO
+ font8x14=NO
+ font8x8=NO
+ blanktime=300
+ saver=NO
+ moused_nondefault_enable=YES
+ moused_enable=NO
+ moused_type=auto
+ moused_port=/dev/psm0
+ moused_flags=''
+ mousechar_start=NO
+ allscreens_flags=''
+ allscreens_kbdflags=''
+ sendmail_enable=NONE
+ sendmail_pidfile=/var/run/sendmail.pid
+ sendmail_procname=/usr/sbin/sendmail
+ sendmail_flags='-L sm-mta -bd -q30m'
+ sendmail_cert_create=YES
+ sendmail_submit_enable=YES
+ sendmail_submit_flags='-L sm-mta -bd -q30m -ODaemonPortOptions=Addr=localhost'
+ sendmail_outbound_enable=YES
+ sendmail_outbound_flags='-L sm-queue -q30m'
+ sendmail_msp_queue_enable=YES
+ sendmail_msp_queue_flags='-L sm-msp-queue -Ac -q30m'
+ sendmail_rebuild_aliases=NO
+ auditd_enable=NO
+ auditd_program=/usr/sbin/auditd
+ auditd_flags=''
+ auditdistd_enable=NO
+ auditdistd_program=/usr/sbin/auditdistd
+ auditdistd_flags=''
+ cron_enable=YES
+ cron_program=/usr/sbin/cron
+ cron_dst=YES
+ cron_flags=''
+ cfumass_enable=NO
+ cfumass_dir=/var/cfumass
+ cfumass_image=/var/tmp/cfumass.img
+ lpd_enable=NO
+ lpd_program=/usr/sbin/lpd
+ lpd_flags=''
+ nscd_enable=NO
+ chkprintcap_enable=NO
+ chkprintcap_flags=-d
+ dumpdev=NO
+ dumpon_flags=''
+ dumpdir=/var/crash
+ savecore_enable=YES
+ savecore_flags='-m 10'
+ service_delete_empty=NO
+ crashinfo_enable=YES
+ crashinfo_program=/usr/sbin/crashinfo
+ quota_enable=NO
+ check_quotas=YES
+ quotaon_flags=-a
+ quotaoff_flags=-a
+ quotacheck_flags=-a
+ accounting_enable=NO
+ firstboot_sentinel=/firstboot
+ sysvipc_enable=NO
+ linux_enable=NO
+ linux_mounts_enable=YES
+ clear_tmp_enable=NO
+ clear_tmp_X=YES
+ ldconfig_insecure=NO
+ ldconfig_paths='/usr/lib/compat /usr/local/lib /usr/local/lib/compat/pkg'
+ ldconfig32_paths='/usr/lib32 /usr/lib32/compat'
+ ldconfig_local_dirs=/usr/local/libdata/ldconfig
+ ldconfig_local32_dirs=/usr/local/libdata/ldconfig32
+ kern_securelevel_enable=NO
+ kern_securelevel=-1
+ update_motd=YES
+ entropy_boot_file=/boot/entropy
+ entropy_file=/entropy
+ entropy_dir=/var/db/entropy
+ entropy_save_sz=4096
+ entropy_save_num=8
+ harvest_mask=511
+ osrelease_enable=YES
+ osrelease_file=/var/run/os-release
+ osrelease_perms=444
+ dmesg_enable=YES
+ watchdogd_enable=NO
+ watchdogd_flags=''
+ watchdogd_timeout=''
+ watchdogd_shutdown_timeout=''
+ devfs_rulesets='/etc/defaults/devfs.rules /etc/devfs.rules'
+ devfs_system_ruleset=''
+ devfs_set_rulesets=''
+ devfs_load_rulesets=YES
+ performance_cx_lowest=NONE
+ performance_cpu_freq=NONE
+ economy_cx_lowest=Cmax
+ economy_cpu_freq=NONE
+ virecover_enable=YES
+ ugidfw_enable=NO
+ bsdextended_script=/etc/rc.bsdextended
+ newsyslog_enable=YES
+ newsyslog_flags=-CN
+ mixer_enable=YES
+ opensm_enable=NO
+ nuageinit_enable=NO
+ rctl_enable=YES
+ rctl_rules=/etc/rctl.conf
+ iovctl_files=''
+ jail_enable=NO
+ jail_conf=/etc/jail.conf
+ jail_confwarn=YES
+ jail_parallel_start=NO
+ jail_list=''
+ jail_reverse_stop=NO
+ [ -z '' ]
+ source_rc_confs_defined=yes
+ [ -r /etc/defaults/vendor.conf ]
+ source_rc_confs
+ local i sourced_files
+ sourced_files=:/etc/rc.conf:
+ [ -r /etc/rc.conf ]
+ . /etc/rc.conf
+ keymap=uk.kbd
+ sourced_files=:/etc/rc.conf::/etc/rc.conf.local:
+ [ -r /etc/rc.conf.local ]
+ _rc_conf_loaded=true
+ [ -n defguard-gateway ]
+ _d=/etc
+ [ -f /etc/rc.conf.d/defguard-gateway ]
+ debug 'Sourcing /etc/rc.conf.d/defguard-gateway'
+ . /etc/rc.conf.d/defguard-gateway
+ defguard_gateway_enable=YES
+ _d=/usr/local/etc
+ [ -f /usr/local/etc/rc.conf.d/defguard-gateway ]
+ [ -d /usr/local/etc/rc.conf.d/defguard-gateway ]
+ eval '_defval=$defguard_gateway_enable_defval'
+ _defval=''
+ [ -n '' ]
+ run_rc_command start
+ _return=0
+ rc_arg=start
+ [ -z defguard-gateway ]
+ shift 1
+ rc_extra_args=''
+ _rc_prefix=''
+ eval '_override_command=$defguard-gateway_program'
+ _override_command=-gateway_program
+ command=-gateway_program
+ _keywords='start stop restart rcvar enable disable delete enabled describe extracommands '
+ rc_pid=''
+ _pidcmd=''
+ _procname=-gateway_program
+ eval '_cpuset=$defguard-gateway_cpuset'
+ _cpuset=-gateway_cpuset
+ _cpuset=''
+ _cpusetcmd=''
+ [ -n '' ]
+ [ -n -gateway_program ]
+ [ -n '' ]
+ _pidcmd='rc_pid=$(check_process -gateway_program )'
+ _keywords='start stop restart rcvar enable disable delete enabled describe extracommands  status poll'
+ [ -z start ]
+ [ start '=' enabled ]
+ [ -n '' ]
+ eval 'rc_flags=$defguard-gateway_flags'
+ rc_flags=-gateway_flags
+ eval '_chdir=$defguard-gateway_chdir' '_chroot=$defguard-gateway_chroot' '_nice=$defguard-gateway_nice' '_user=$defguard-gateway_user' '_group=$defguard-gateway_group' '_groups=$defguard-gateway_groups' '_fib=$defguard-gateway_fib' '_env=$defguard-gateway_env' '_prepend=$defguard-gateway_prepend' '_login_class=${defguard-gateway_login_class:-daemon}' '_limits=$defguard-gateway_limits' '_oomprotect=$defguard-gateway_oomprotect' '_setup=$defguard-gateway_setup' '_env_file=$defguard-gateway_env_file' '_umask=$defguard-gateway_umask'
+ _chdir=-gateway_chdir _chroot=-gateway_chroot _nice=-gateway_nice _user=-gateway_user _group=-gateway_group _groups=-gateway_groups _fib=-gateway_fib _env=-gateway_env _prepend=-gateway_prepend _login_class=gateway_login_class:-daemon _limits=-gateway_limits _oomprotect=-gateway_oomprotect _setup=-gateway_setup _env_file=-gateway_env_file _umask=-gateway_umask
+ [ -n -gateway_env_file ]
+ [ -r -gateway_env_file ]
+ [ -n -gateway_user ]
+ eval if [ -x /usr/bin/id '];' then /usr/bin/id '-un;' fi
+ [ -x /usr/bin/id ]
+ /usr/bin/id -un
+ [ -gateway_user '=' root ]
+ [ -z '' ]
+ eval 'rc_pid=$(check_process' -gateway_program ')'
+ check_process -gateway_program
+ _procname=-gateway_program
+ _interpreter=''
+ [ -z -gateway_program ]
+ _find_processes -gateway_program . -ax
+ [ 3 -ne 3 ]
+ _procname=-gateway_program
+ _interpreter=.
+ _psargs=-ax
+ _pref=''
+ [ . '!=' . ]
+ _procnamebn=-gateway_program
+ _fp_args='_arg0 _argv'
+ _fp_match=$'case "$_arg0" in
\t\t    $_procname|$_procnamebn|${_procnamebn}:|"(${_procnamebn})"|"[${_procnamebn}]")'
+ _proccheck=$'\t\t/bin/ps -ww 2>/dev/null -o pid= -o jid= -o command= -ax |
\t\twhile read _npid _jid _arg0 _argv; do
\t\t\tcase "$_arg0" in
\t\t    $_procname|$_procnamebn|${_procnamebn}:|"(${_procnamebn})"|"[${_procnamebn}]")
\t\t\t\tif [ "$JID" -eq "$_jid" ];
\t\t\t\tthen echo -n "$_pref$_npid";
\t\t\t\t_pref=" ";
\t\t\t\tfi
\t\t\t\t;;
\t\t\tesac
\t\tdone'
+ eval /bin/ps -ww '2>/dev/null' -o 'pid=' -o 'jid=' -o 'command=' -ax '|' while read _npid _jid _arg0 '_argv;' do case '"$_arg0"' in '$_procname|$_procnamebn|${_procnamebn}:|"(${_procnamebn})"|"[${_procnamebn}]")' if [ '"$JID"' -eq '"$_jid"' '];' then echo -n '"$_pref$_npid";' '_pref="' '";' fi ';;' esac done
+ /bin/ps -ww -o 'pid=' -o 'jid=' -o 'command=' -ax
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ read _npid _jid _arg0 _argv
+ rc_pid=''
+ [ start '!=' start ]
+ [ -n defguard_gateway_enable -a start '!=' rcvar -a start '!=' stop -a start '!=' delete -a start '!=' enable -a start '!=' describe -a start '!=' status ]
+ checkyesno defguard_gateway_enable
+ eval '_value=$defguard_gateway_enable'
+ _value=YES
+ debug 'checkyesno: defguard_gateway_enable is set to YES.'
+ return 0
+ [ start '=' start -a -z '' -a -n '' ]
+ eval '_cmd=$start_cmd' '_precmd=$start_precmd' '_postcmd=$start_postcmd'
+ _cmd=defguard-gateway_start _precmd='' _postcmd=''
+ [ -n defguard-gateway_start ]
+ [ -n -gateway_env ]
+ eval 'export -- -gateway_env'
+ export -- -gateway_env
export: -gateway_env: bad variable name