First release of open-appsec source code

2025-09-29 19:24:26 +03:00 · 2022-10-26 19:33:19 +03:00
parent 3883109caf
commit a883352f79
1353 changed files with 276290 additions and 1 deletions
--- a/nodes/http_transaction_handler/CMakeLists.txt
+++ b/nodes/http_transaction_handler/CMakeLists.txt
@@ -0,0 +1,69 @@
+add_subdirectory(package)
+
+link_directories(${CMAKE_BINARY_DIR}/core/shmem_ipc)
+link_directories(${CMAKE_BINARY_DIR}/attachments/nginx/nginx_attachment_util)
+
+add_executable(cp-nano-http-transaction-handler main.cc)
+
+target_link_libraries(cp-nano-http-transaction-handler
+	-Wl,--start-group
+	${COMMON_LIBRARIES}
+
+	xml2
+	pcre2-8
+	pcre2-posix
+	yajl_s
+
+	-lshmem_ipc
+	-lnginx_attachment_util
+
+	generic_rulebase
+	generic_rulebase_evaluators
+	ip_utilities
+        version
+	signal_handler
+	report_messaging
+
+	nginx_attachment
+	gradual_deployment
+	http_manager_comp
+	pm
+	waap
+	waap_clib
+	reputation
+	-Wl,--end-group
+)
+
+install(TARGETS cp-nano-http-transaction-handler DESTINATION bin)
+install(TARGETS cp-nano-http-transaction-handler DESTINATION http_transaction_handler_service/bin)
+
+execute_process (
+	COMMAND bash -c "ldconfig -p | awk '/libpcre2-8.so/{sub(/[^/]*$/,\"\", $NF); path=$NF}END{system(\"ls \"path\"libpcre2-8.so*\")}' | awk '{printf $1\";\"}'"
+	OUTPUT_VARIABLE pcre2-8
+)
+install(FILES ${pcre2-8} DESTINATION http_transaction_handler_service/lib)
+
+execute_process (
+	COMMAND bash -c "ldconfig -p | awk '/libpcre2-posix.so/{sub(/[^/]*$/,\"\", $NF); path=$NF}END{system(\"ls \"path\"libpcre2-posix.so*\")}' | awk '{printf $1\";\"}'"
+	OUTPUT_VARIABLE pcre2-posix
+)
+install(FILES ${pcre2-posix} DESTINATION http_transaction_handler_service/lib)
+
+execute_process (
+	COMMAND bash -c "ldconfig -p | awk '/libxml2.so/{sub(/[^/]*$/,\"\", $NF); path=$NF}END{system(\"ls \"path\"libxml2.so*\")}' | awk '{printf $1\";\"}'"
+	OUTPUT_VARIABLE xml2
+)
+install(FILES ${xml2} DESTINATION http_transaction_handler_service/lib)
+
+gen_help(
+	"--certs-dir <trusted ca directory>" "Path to the hosts trusted ca directory"
+)
+
+set_package_params("--platform x86")
+
+gen_package(
+	install-cp-nano-service-http-transaction-handler.sh
+	http_transaction_handler_service
+	./install-http-transaction-handler.sh
+	Check Point HTTP Transaction Handler Nano Service Version ${PACKAGE_VERSION} Install Package
+)
--- a/nodes/http_transaction_handler/main.cc
+++ b/nodes/http_transaction_handler/main.cc
@@ -0,0 +1,35 @@
+// Copyright (C) 2022 Check Point Software Technologies Ltd. All rights reserved.
+
+// Licensed under the Apache License, Version 2.0 (the "License");
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#include "components_list.h"
+#include "nginx_attachment.h"
+#include "gradual_deployment.h"
+#include "http_manager.h"
+#include "waap.h"
+
+int
+main(int argc, char **argv)
+{
+    NodeComponentsWithTable<
+        SessionID,
+        NginxAttachment,
+        GradualDeployment,
+        HttpManager,
+	WaapComponent
+    > comps;
+
+    comps.registerGlobalValue<bool>("Is Rest primary routine", true);
+    comps.registerGlobalValue<uint>("Nano service API Port Range start", 12000);
+    comps.registerGlobalValue<uint>("Nano service API Port Range end", 13000);
+    return comps.run("HTTP Transaction Handler", argc, argv);
+}
--- a/nodes/http_transaction_handler/package/CMakeLists.txt
+++ b/nodes/http_transaction_handler/package/CMakeLists.txt
@@ -0,0 +1,10 @@
+install(FILES install-http-transaction-handler.sh  DESTINATION http_transaction_handler_service/ PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ)
+install(FILES cp-nano-http-transaction-handler-conf.json  DESTINATION http_transaction_handler_service/conf PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ)
+install(FILES cp-nano-http-transaction-handler-conf-container.json  DESTINATION http_transaction_handler_service/conf PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ)
+install(FILES cp-nano-http-transaction-handler-debug-conf.json DESTINATION http_transaction_handler_service/conf PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ)
+install(FILES cp-nano-http-transaction-handler.cfg DESTINATION http_transaction_handler_service/conf PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ)
+install(FILES k8s-log-file-handler.sh DESTINATION http_transaction_handler_service/bin PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ)
+
+#install(DIRECTORY ${ng_module_osrc_pcre2_path}/lib/ DESTINATION http_transaction_handler_service/lib/ FILES_MATCHING PATTERN "libpcre2-8.so*" PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ)
+#install(DIRECTORY ${ng_module_osrc_pcre2_path}/lib/ DESTINATION http_transaction_handler_service/lib/ FILES_MATCHING PATTERN "libpcre2-posix.so*" PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ)
+#install(RUNTIME_DEPENDENCY_SET xml DESTINATION http_transaction_handler_service/lib/ PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ)
--- a/nodes/http_transaction_handler/package/cp-nano-http-transaction-handler-conf-container.json
+++ b/nodes/http_transaction_handler/package/cp-nano-http-transaction-handler-conf-container.json
@@ -0,0 +1,45 @@
+{
+    "Logging": {
+        "Fog Log URI": [
+            {
+                "value": "/api/v1/agents/events/bulk"
+            }
+        ],
+        "Log file name":[
+            {
+                "value": "/var/log/nano_agent/cp-nano-http-transaction-handler.log"
+            }
+        ],
+        "NanoService": [
+            {
+                "value": "Linux nano agent HTTP Transaction Handler service"
+            }
+        ]
+    },
+    "connection": {
+        "Nano service API Port Range start": [
+            {
+                "value": 12000
+            }
+        ],
+        "Nano service API Port Range end": [
+            {
+                "value": 13000
+            }
+        ]
+    },
+    "message": {
+    	"Connection timeout": [
+            {
+                "value": 10000000
+            }
+        ]
+    },
+    "HTTP manager": {
+        "Container mode": [
+            {
+                "value": true
+            }
+        ]
+    }
+}
--- a/nodes/http_transaction_handler/package/cp-nano-http-transaction-handler-conf.json
+++ b/nodes/http_transaction_handler/package/cp-nano-http-transaction-handler-conf.json
@@ -0,0 +1,38 @@
+{
+    "Logging": {
+        "Fog Log URI": [
+            {
+                "value": "/api/v1/agents/events/bulk"
+            }
+        ],
+        "Log file name":[
+            {
+                "value": "/var/log/nano_agent/cp-nano-http-transaction-handler.log"
+            }
+        ],
+        "NanoService": [
+            {
+                "value": "Linux nano agent HTTP Transaction Handler service"
+            }
+        ]
+    },
+    "connection": {
+        "Nano service API Port Range start": [
+            {
+                "value": 12000
+            }
+        ],
+        "Nano service API Port Range end": [
+            {
+                "value": 13000
+            }
+        ]
+    },
+    "message": {
+    	"Connection timeout": [
+            {
+                "value": 10000000
+            }
+        ]
+    }
+}
--- a/nodes/http_transaction_handler/package/cp-nano-http-transaction-handler-debug-conf.json
+++ b/nodes/http_transaction_handler/package/cp-nano-http-transaction-handler-debug-conf.json
@@ -0,0 +1,11 @@
+{
+    "Debug": [
+        {
+            "Streams": [
+                {
+                    "Output": "/var/log/nano_agent/cp-nano-http-transaction-handler.dbg"
+                }
+            ]
+        }
+    ]
+}
--- a/nodes/http_transaction_handler/package/cp-nano-http-transaction-handler.cfg
+++ b/nodes/http_transaction_handler/package/cp-nano-http-transaction-handler.cfg
--- a/nodes/http_transaction_handler/package/install-http-transaction-handler.sh
+++ b/nodes/http_transaction_handler/package/install-http-transaction-handler.sh
@@ -0,0 +1,295 @@
+#!/bin/sh
+
+FORCE_STDOUT=true
+INSTALLATION_LOG_FILE="/var/log/nano_agent/cp-nano-http-transaction-handler-install.log"
+SERVICE_DBG_CONF_PATH="/etc/cp/conf/cp-nano-http-transaction-handler-debug-conf.json"
+INSTALLATION_TIME=$(date)
+
+WAAP_POLICY_FOLDER_PATH=/etc/cp/conf/waap
+IPS_POLICY_FOLDER_PATH=/etc/cp/conf/ips
+
+DEFAULT_HTTP_TRANSACTION_HANDLER_EVENT_BUFFER=/var/log/nano_agent/event_buffer/HTTP_TRANSACTION_HANDLER_events
+
+HTTP_TRANSACTION_HANDLER_PATH=/etc/cp/HttpTransactionHandler
+HTTP_TRANSACTION_HANDLER_FILE=cp-nano-http-transaction-handler
+
+env_details_file=/etc/cp/conf/environment-details.cfg
+
+if [ -f "$env_details_file" ]; then
+    . $env_details_file
+fi
+
+IS_K8S_ENV=false
+K8S_TOKEN_PATH="/var/run/secrets/kubernetes.io/serviceaccount/token"
+if [ -f $K8S_TOKEN_PATH ]; then
+    IS_K8S_ENV=true
+fi
+
+mkdir -p /var/log/nano_agent
+cp_print()
+{
+    var_text=$1
+    var_std_out=$2
+    touch $INSTALLATION_LOG_FILE
+    if [ -n "$var_std_out" ]; then
+        if [ "$var_std_out" = "true" ]; then
+            printf "%b\n" "$var_text"
+        fi
+    fi
+    printf "%b\n" "$var_text" >> $INSTALLATION_LOG_FILE
+}
+
+cp_exec()
+{
+    var_cmd=$1
+    var_std_out=$2
+    # Send exec output to RES
+    RES=$($var_cmd 2>&1)
+    if [ -n "$RES" ]; then
+        cp_print "$RES" "$var_std_out"
+    fi
+}
+
+export INSTALL_COMMAND
+is_install="$(command -v install)"
+if [ -z ${is_install} ]; then
+    INSTALL_COMMAND="cp -f"
+    cp_print "[WARNING]: install command not found - using cp instead" ${FORCE_STDOUT}
+else
+    INSTALL_COMMAND=install
+fi
+
+handle_upgrade_from_http_manager()
+{
+    if [ -f "/etc/cp/conf/cp-nano-http-manager-debug-conf.json" ]; then
+        cp_exec "mv /etc/cp/conf/cp-nano-http-manager-debug-conf.json $SERVICE_DBG_CONF_PATH"
+        cp_exec "sed -i 's|cp-nano-http-manager.dbg|cp-nano-http-transaction-handler.dbg|g' $SERVICE_DBG_CONF_PATH"
+
+        cp_exec "/etc/cp/scripts/cpnano_debug --default --service http-transaction-handler"
+    fi
+
+    if [ -f "/var/logs/nano_agent/event_buffer/http_manager_events" ]; then
+        cp_exec "mv /var/logs/nano_agent/event_buffer/http_manager_events /var/logs/nano_agent/event_buffer/http_transaction_handler_events"
+    fi
+}
+
+install_waap()
+{
+    cp_exec "mkdir -p /etc/waf2_engine/conf"
+    cp_exec "mkdir -p /var/waf2_engine/current"
+    cp_exec "mkdir -p /var/waf2_engine/baseline"
+    cp_exec "mkdir -p /var/waf2_engine/baseline/signatures"
+    cp_exec "mkdir -p /var/waf2_engine/waf2_engine"
+    cp_exec "mkdir -p /usr/share/waf2_engine"
+    # /etc/cp/conf/waap/ is created in install_policy
+    cp_exec "cp -f resources/1.data /etc/cp/conf/waap/"
+    cp_exec "cp -f resources/2.data /etc/cp/conf/waap/"
+    cp_exec "cp -f resources/8.data /etc/cp/conf/waap/"
+    cp_exec "cp -f resources/cp-ab.js /etc/cp/conf/waap/"
+    cp_exec "cp -f resources/cp-csrf.js /etc/cp/conf/waap/"
+    cp_exec "chmod 777 /etc/cp/conf/waap/cp-ab.js"
+    cp_exec "chmod 777 /etc/cp/conf/waap/cp-csrf.js"
+}
+
+set_debug_configuration()
+{
+    cp_exec "cp conf/cp-nano-http-transaction-handler-debug-conf.json $SERVICE_DBG_CONF_PATH"
+    cp_exec "chmod 600 $SERVICE_DBG_CONF_PATH"
+
+    cp_exec "/etc/cp/scripts/cpnano_debug --default --service http-transaction-handler"
+}
+
+install_configuration_files()
+{
+    # This file defines $execution_flags
+    . conf/cp-nano-http-transaction-handler.cfg
+
+    for conf_file in $execution_flags ; do
+        if [ -f "$conf_file" ]; then
+            continue
+        fi
+        mkdir -p "$(dirname "$conf_file")"
+        echo "{}" > "$conf_file"
+    done
+}
+
+install_policy()
+{
+    debug_mode=$1
+    certs_dir=$2
+
+    if [ -z "$IS_CONTAINER_ENV" ]; then
+        [ -f /etc/cp/conf/cp-nano-http-transaction-handler-conf.json ] || cp_exec "cp conf/cp-nano-http-transaction-handler-conf.json /etc/cp/conf/cp-nano-http-transaction-handler-conf.json"
+    else
+        [ -f /etc/cp/conf/cp-nano-http-transaction-handler-conf.json ] || cp_exec "cp conf/cp-nano-http-transaction-handler-conf-container.json /etc/cp/conf/cp-nano-http-transaction-handler-conf.json"
+    fi
+    cp_exec "chmod 600 /etc/cp/conf/cp-nano-http-transaction-handler-conf.json"
+    if cat /etc/cp/conf/cp-nano-http-transaction-handler-conf.json | grep -q '"/agents/log'; then
+        cp_print "upgrading link is working" $FORCE_STDOUT
+        sed -i 's|"/agents/log|"/api/v1/agents/events|' /etc/cp/conf/cp-nano-http-transaction-handler-conf.json
+    fi
+
+    install_configuration_files
+
+    set_debug_configuration
+
+    if [ -n "$certs_dir" ] && ! cat /etc/cp/conf/cp-nano-http-transaction-handler-conf.json | grep -q "Trusted CA directory"; then
+        if [ -d "$certs_dir" ]; then
+            if ! cat /etc/cp/conf/cp-nano-http-transaction-handler-conf.json | grep -q "message"; then
+                sed -ie "0,/{/ s|{|{\"message\": {\"Trusted CA directory\": [{\"value\": \"$certs_dir\"}]},|" /etc/cp/conf/cp-nano-http-transaction-handler-conf.json
+            else
+                sed -ie "0,/\"message\"/ s|\"message\".*:.*{|\"message\": {\"Trusted CA directory\": [{\"value\": \"$certs_dir\"}],|" /etc/cp/conf/cp-nano-http-transaction-handler-conf.json
+            fi
+        else
+            cp_print "Ignoring non existing certs directory '$certs_dir'" $FORCE_STDOUT
+        fi
+    fi
+
+    handle_upgrade_from_http_manager
+}
+
+unregister_from_watchdog()
+{
+    cp_exec "/etc/cp/watchdog/cp-nano-watchdog --un-register $HTTP_TRANSACTION_HANDLER_PATH/$HTTP_TRANSACTION_HANDLER_FILE --all"
+    if [ "$IS_K8S_ENV" = "true" ]; then
+        cp_exec "/etc/cp/watchdog/cp-nano-watchdog --un-register $HTTP_TRANSACTION_HANDLER_PATH/k8s-log-file-handler.sh"
+    fi
+}
+
+restart_service()
+{
+    if [ -z "$(which nginx)" ]; then
+    	cp_exec "/etc/cp/watchdog/cp-nano-watchdog --restart $HTTP_TRANSACTION_HANDLER_PATH/$HTTP_TRANSACTION_HANDLER_FILE"
+    else
+        cp_exec "/etc/cp/watchdog/cp-nano-watchdog --un-register $HTTP_TRANSACTION_HANDLER_PATH/$HTTP_TRANSACTION_HANDLER_FILE --all"
+        cp_exec "nginx -s reload"
+    fi
+
+    if [ "$IS_K8S_ENV" = "true" ]; then
+        cp_exec "/etc/cp/watchdog/cp-nano-watchdog --un-register $HTTP_TRANSACTION_HANDLER_PATH/k8s-log-file-handler.sh"
+        cp_exec "/etc/cp/watchdog/cp-nano-watchdog --register $HTTP_TRANSACTION_HANDLER_PATH/k8s-log-file-handler.sh"
+    fi
+}
+
+run_installation()
+{
+    cp_print "Starting installation of Check Point HTTP Transaction Handler service [$INSTALLATION_TIME]\n" $FORCE_STDOUT
+
+    is_debug_mode=false
+    var_certs_dir=
+    while true; do
+        if [ "$1" = "--debug_on" ]; then
+            is_debug_mode=true
+        elif [ "$1" = "--certs-dir" ]; then
+            shift
+            var_certs_dir=$1
+        elif [ -z "$1" ]; then
+            break
+        fi
+        shift
+    done
+
+    cp_exec "mkdir -p $WAAP_POLICY_FOLDER_PATH"
+    cp_exec "mkdir -p $IPS_POLICY_FOLDER_PATH"
+
+    cp_exec "mkdir -p $HTTP_TRANSACTION_HANDLER_PATH"
+    cp_exec "install bin/cp-nano-http-transaction-handler $HTTP_TRANSACTION_HANDLER_PATH/$HTTP_TRANSACTION_HANDLER_FILE"
+
+    if [ "$IS_K8S_ENV" = "true" ]; then
+        cp_exec "cp -f bin/k8s-log-file-handler.sh $HTTP_TRANSACTION_HANDLER_PATH/k8s-log-file-handler.sh"
+        cp_exec "chmod +x $HTTP_TRANSACTION_HANDLER_PATH/k8s-log-file-handler.sh"
+    fi
+
+    cp_exec "chmod +x $HTTP_TRANSACTION_HANDLER_PATH/$HTTP_TRANSACTION_HANDLER_FILE"
+    cp_exec "mkdir -p /usr/lib/cpnano"
+    ${INSTALL_COMMAND} lib/* /usr/lib/cpnano/
+    cp_exec "cp -f conf/cp-nano-http-transaction-handler.cfg $HTTP_TRANSACTION_HANDLER_PATH/$HTTP_TRANSACTION_HANDLER_FILE.cfg"
+    cp_exec "chmod 600 $HTTP_TRANSACTION_HANDLER_PATH/$HTTP_TRANSACTION_HANDLER_FILE.cfg"
+    cp_exec "cp -f conf/cp-nano-ips-protections.json /etc/cp/conf/data/cp-nano-ips-protections.data"
+    cp_exec "rm -f /etc/cp/conf/cp-nano-ips-protections.json"
+    cp_exec "chmod 600 /etc/cp/conf/data/cp-nano-ips-protections.data"
+
+    install_policy $is_debug_mode "$var_certs_dir"
+    install_waap
+
+    ${INSTALL_COMMAND} lib/libshmem_ipc.so /usr/lib/cpnano/
+    ${INSTALL_COMMAND} lib/libcompression_utils.so /usr/lib/
+    cp_exec "ldconfig"
+
+    restart_service
+
+    cp_print "Installation completed successfully." $FORCE_STDOUT
+}
+
+usage()
+{
+    echo "Check Point: available flags are"
+    echo "--install           : install HTTP Transaction Handler Nano Service"
+    echo "--uninstall         : remove HTTP Transaction Handler Nano Service"
+    echo "--pre_install_test  : run Pre-installation test for HTTP Transaction Handler Nano Service install package"
+    echo "--post_install_test : run Post-installation test for HTTP Transaction Handler Nano Service install package"
+    exit 255
+}
+
+remove_event_buffer()
+{
+    if [ -f $DEFAULT_HTTP_TRANSACTION_HANDLER_EVENT_BUFFER ]; then
+        cp_exec "rm -f $DEFAULT_HTTP_TRANSACTION_HANDLER_EVENT_BUFFER"
+    else
+        cp_print "Event buffer was not found"
+    fi
+}
+
+run_uninstall()
+{
+    unregister_from_watchdog
+    cp_exec "rm -rf $HTTP_TRANSACTION_HANDLER_PATH"
+    remove_event_buffer
+}
+
+run_pre_install_test()
+{
+    cp_print "Starting Pre-installation test of Check Point HTTP Transaction Handler service installation package [$INSTALLATION_TIME]\n" $FORCE_STDOUT
+
+    # Nothing to test for HTTP Transaction Handler pre-installation
+
+    cp_print "Successfully finished pre-installation test for Check Point HTTP Transaction Handler service installation package [$INSTALLATION_TIME]\n" $FORCE_STDOUT
+    exit 0
+}
+
+run_post_install_test()
+{
+    cp_print "Starting Post-installation test of Check Point HTTP Transaction Handler service installation package [$INSTALLATION_TIME]\n" $FORCE_STDOUT
+
+    # Nothing to test for HTTP Transaction Handler post-installation
+
+    cp_print "Successfully finished post-installation test for Check Point HTTP Transaction Handler service installation package [$INSTALLATION_TIME]\n" $FORCE_STDOUT
+    exit 0
+}
+
+run()
+{
+    if [ '--install' = "$1" ]; then
+        shift
+        run_installation "${@}"
+    elif [ '--uninstall' = "$1" ]; then
+        run_uninstall
+    elif [ '--pre_install_test' = "$1" ]; then
+        run_pre_install_test
+    elif [ '--post_install_test' = "$1" ]; then
+        run_post_install_test
+    else
+        usage
+        exit 1
+    fi
+}
+
+if [ "$(id -u)" != "0" ]; then
+    echo "Administrative privileges required for this package (use su or sudo)"
+    exit 1
+fi
+
+shift
+run "${@}"
+
+exit 0
--- a/nodes/http_transaction_handler/package/k8s-log-file-handler.sh
+++ b/nodes/http_transaction_handler/package/k8s-log-file-handler.sh
@@ -0,0 +1,11 @@
+#!/bin/bash
+
+while true; do
+    var_is_hybrid_mode="$(cat /etc/cp/conf/agent_details.json | grep "Orchestration mode" | grep "hybrid_mode")"
+    var_is_openappsec="$(cat /etc/cp/conf/agent_details.json | grep "Tenant ID" | grep "org_")"
+    if [ -z "${var_is_hybrid_mode}" ] && [ -z "${var_is_openappsec}" ]; then
+        sleep 5
+        continue
+    fi
+    tail -q -f /var/log/nano_agent/cp-nano-http-transaction-handler.log? >> /proc/1/fd/1
+done