defines.cfg

(NOTE:  Some of the techniques shown or described on this page--marked in purple--require new features in the latest official PIKT 1.19.0 release (pikt-current.tar.gz) that are unavailable in any previous version.)

The define config file specifies a set of logical "defines"--preprocessor conditional switches for including or excluding sections of the configuration files.  You use these defines together with the '#ifdef <define>' preprocessor directive to customize your PIKT configurations according to certain conditions--those you specify directly, or conditions based on the current system or network state.

Commonly specified PIKT defines include:  test, debug, verbose, quiet, doexec.

For example, suppose in alarms.cfg (or one of its #include files) you specify:

#ifdef verbose
        rule    // report when systems come back up after a downage
                // if state was "-", is now "+", report change
                if #defined(%state) && $state ne %state
                        output mail "$host is back up"
                fi
#endifdef
That rule would appear in the installed script only if the verbose define were set to TRUE in defines.cfg, for example
///////////////////////////////////////////////////////////////////////////////
// 
// PIKT defines.cfg -- preprocessor logical switches
// 
///////////////////////////////////////////////////////////////////////////////

...

verbose         TRUE

...
or in any of the other ways described below.  If the verbose define were set to FALSE in defines.cfg,
verbose         FALSE
then the rule would be excluded.

In defines.cfg (or any of its #include files), a define stanza takes the form

<define>      TRUE|true|YES|yes|ON|on|1|FALSE|false|NO|no|OFF|off|0|
              [<proc>]
where the TRUE, FALSE, etc. can follow on the same line or on a subsequent indented line.

You may also set a define according to the exit status (TRUE or FALSE) of any process, for example

dst     // TRUE if Daylight Savings Time now applies, FALSE otherwise
        // at our site, `date +%Z` returns "CDT" if DST is in effect,
        // "CST" otherwise; use your own time zone string as needed
        [test `date +%Z` = "CDT"]
Observe that you can set/unset defines on a per-machine basis in the defines.cfg file, for example
#if dbserver
test         TRUE
#else
test         FALSE
#endif
Or, alternatively and equivalently,
test
#if dbserver
             TRUE
#else
             FALSE
#endif
You may use #ifdef, #ifndef, and #setdef in defines.cfg just so long as the referenced define is specified earlier in defines.cfg.  For example, you may do this:
attentive       TRUE    // the lowest security level

cautious                // the second security level
#  if missioncritical | cssys
                TRUE
#  else
                FALSE
#  endif

worried                 // the third security level
#if missioncritical
                TRUE
#else
                FALSE
#endif

paranoid        FALSE   // the fourth, and highest, security level

#ifdef cautious
#  setdef attentive = TRUE      // or:  #define attentive
#endifdef

#ifdef worried
#  setdef attentive = TRUE
#  setdef cautious = TRUE
#endifdef

#ifdef paranoid
#  setdef attentive = TRUE
#  setdef cautious = TRUE
#  setdef worried = TRUE
#endifdef
This code ensures that if you are in a certain security state, all lower security levels are also set to TRUE.  (If you are paranoid, you are guaranteed also worried, cautious, and attentive.)

The special, built-in pikttest define operates much like a regular test define, but with the following difference:  You would set an optional and user-specified test define in defines.cfg using 'test TRUE' and elsewhere using '#setdef test = TRUE'.  You might also specify 'test FALSE' in defines.cfg, and undefine test elsewhere using '#setdef test = FALSE'.

With pikttest, however, the piktc command-line option '-T' globally sets pikttest to TRUE, and once set, it remains set, i.e., cannot be changed in defines.cfg or anywhere else using #setdef.  The 'piktc -T' and pikttest tandem is therefore just a quicker and more convenient way to activate test mode globally.  Presumably you would have

#ifdef piktttest

        [... some special test code or configuration ...]

#endifdef  // pikttest
(or maybe '#ifndef pikttest ... #endifdef) positioned at various places around your PIKT configuration to activate (or not) special testing environments.  'piktc -T', together with the pikttest define (also the built-in =pikttest macro), allows you to conveniently enter test mode site-wide.

Logical defines are set (to TRUE) or unset (to FALSE) in any of three ways: (a) in the defines.cfg file (as described above); (b) in any config file, except systems.cfg or defines.cfg, by means of the #define, #undefine, or #setdef directives; or (c) at the piktc command line, as in 'piktc ... +D ' or 'piktc ... -D '. Command-line +D defines and -D undefines override any defines.cfg settings, but #def(ine) and #undef(ine) directives in the config files have the highest precedence overall.

Refer to the sample defines.cfg for more examples.

prev page 1st page next page
 
Home | FAQ | News | Intro | Samples | Tutorial | Reference | Software
Developer's Notes | Licensing | Authors | Pikt-Users | Pikt-Workers | Related Projects | Site Index | Privacy Policy | Contact Us
Page best viewed at 1024x768 or greater.   Page last updated 2019-01-12.   This site is PIKT® powered.
Copyright © 1998-2019 Robert Osterlund. All rights reserved.
Home FAQ News Intro Samples Tutorial Reference Software
PIKT Logo
PIKT Page Title
View sample
iptables firewall
script config file