From: Eric Leblond <eric@inl.fr>
To: netfilter-devel@vger.kernel.org
Cc: pablo@netfilter.org, Eric Leblond <eric@inl.fr>
Subject: [ULOGD2 PATCH 04/18] Document group 0 usage and suppress address_family
Date: Mon, 1 Dec 2008 22:36:02 +0100 [thread overview]
Message-ID: <1228167376-22101-5-git-send-email-eric@inl.fr> (raw)
In-Reply-To: <1228167376-22101-1-git-send-email-eric@inl.fr>
Document the fact that group 0 is used by system logging and
update stack and plugin definition to match the suppression
of the address_family variable.
Signed-off-by: Eric Leblond <eric@inl.fr>
---
ulogd.conf.in | 37 ++++++++++++++++++++-----------------
1 files changed, 20 insertions(+), 17 deletions(-)
diff --git a/ulogd.conf.in b/ulogd.conf.in
index e24e6b6..a48af3f 100644
--- a/ulogd.conf.in
+++ b/ulogd.conf.in
@@ -45,20 +45,17 @@ plugin="@libdir@/ulogd/ulogd_output_SYSLOG.so"
#plugin="@libdir@/ulogd/ulogd_output_DBI.so"
plugin="@libdir@/ulogd/ulogd_raw2packet_BASE.so"
-# this is a stack for IPv4 packet-based logging via LOGEMU
+# this is a stack for logging packet send by system via LOGEMU
#stack=log1:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
-# this is a stack for IPv6 packet-based logging via LOGEMU
+# this is a stack for packet-based logging via LOGEMU
#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
-# this is a stack for ebtables packet-based logging via LOGEMU
-#stack=log3:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
-
# this is a stack for ULOG packet-based logging via LOGEMU
#stack=ulog1:ULOG,base1:BASE,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
-# this is a stack for IPv4 packet-based logging via LOGEMU with filtering on MARK
-#stack=log1:NFLOG,mark1:MARK,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
+# this is a stack for packet-based logging via LOGEMU with filtering on MARK
+#stack=log2:NFLOG,mark1:MARK,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
# this is a stack for flow-based logging via LOGEMU
#stack=ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,emu1:LOGEMU
@@ -67,15 +64,15 @@ plugin="@libdir@/ulogd/ulogd_raw2packet_BASE.so"
#stack=ct1:NFCT,op1:OPRINT
# this is a stack for NFLOG packet-based logging to PCAP
-#stack=log1:NFLOG,base1:BASE,pcap1:PCAP
+#stack=log2:NFLOG,base1:BASE,pcap1:PCAP
# this is a stack for logging packet to MySQL
-#stack=log1:NFLOG,base1:BASE,ifi1:IFINDEX,ip2bin1:IP2BIN,mac2str1:MAC2STR,mysql1:MYSQL
+#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2bin1:IP2BIN,mac2str1:MAC2STR,mysql1:MYSQL
-# this is a stack for logging IPv6 packet to PGsql after a collect via NFLOG
+# this is a stack for logging packet to PGsql after a collect via NFLOG
#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,mac2str1:MAC2STR,pgsql1:PGSQL
-# this is a stack for logging ebtables packets to syslog after a collect via NFLOG
+# this is a stack for logging packets to syslog after a collect via NFLOG
#stack=log3:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,sys1:SYSLOG
# this is a stack for flow-based logging to MySQL
@@ -100,23 +97,29 @@ plugin="@libdir@/ulogd/ulogd_raw2packet_BASE.so"
#netlink_socket_buffer_maxsize=1085440
hash_enable=0
-# IPv4 logging through NFLOG
+# Logging of system packet through NFLOG
[log1]
# netlink multicast group (the same as the iptables --nflog-group param)
+# Group O is used by the kernel to log connection tracking invalid message
group=0
#netlink_socket_buffer_size=217088
#netlink_socket_buffer_maxsize=1085440
-# IPv6 logging through NFLOG
+# packet logging through NFLOG for group 1
[log2]
+# netlink multicast group (the same as the iptables --nflog-group param)
group=1 # Group has to be different from the one use in log1
-addressfamily=10 # 10 is value of AF_INET6
-numeric_label=1 # you can label the log info based on the packet verdict
+#netlink_socket_buffer_size=217088
+#netlink_socket_buffer_maxsize=1085440
-# ebtables logging through NFLOG
+# packet logging through NFLOG for group 2, numeric_label is
+# set to 1
[log3]
+# netlink multicast group (the same as the iptables --nflog-group param)
group=2 # Group has to be different from the one use in log1/log2
-addressfamily=7 # 7 is value of AF_BRIDGE
+numeric_label=1 # you can label the log info based on the packet verdict
+#netlink_socket_buffer_size=217088
+#netlink_socket_buffer_maxsize=1085440
[ulog1]
# netlink multicast group (the same as the iptables --ulog-nlgroup param)
--
1.5.6.3
next prev parent reply other threads:[~2008-12-01 21:36 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-12-01 21:35 [ULOGD2 PATCH 0/18] Code cleaning, SCTP support, NFLOG logic fix Eric Leblond
2008-12-01 21:35 ` [ULOGD2 PATCH 01/18] add ukey_* function for key assignation Eric Leblond
2008-12-01 21:36 ` [ULOGD2 PATCH 02/18] Modify usage of nflog_bind_pf function Eric Leblond
2008-12-01 21:36 ` [ULOGD2 PATCH 03/18] Get rid of addressfamily variable in NFLOG input plugin Eric Leblond
2008-12-01 21:36 ` Eric Leblond [this message]
2008-12-01 21:36 ` [ULOGD2 PATCH 05/18] Add SCTP support to BASE plugin Eric Leblond
2008-12-01 21:36 ` [ULOGD2 PATCH 06/18] SCTP support for PRINTPKT Eric Leblond
2008-12-01 21:36 ` [ULOGD2 PATCH 07/18] Add SCTP support to MySQL and PGSQL output Eric Leblond
2008-12-01 21:36 ` [ULOGD2 PATCH 08/18] Treat nice function return Eric Leblond
2008-12-01 21:36 ` [ULOGD2 PATCH 09/18] Fix stop function of NFCT plugin Eric Leblond
2008-12-01 21:36 ` [ULOGD2 PATCH 10/18] Don't free pluginstance when leaving Eric Leblond
2008-12-01 21:36 ` [ULOGD2 PATCH 11/18] Fix minor memory leak in NFLOG plugin Eric Leblond
2008-12-01 21:36 ` [ULOGD2 PATCH 12/18] Call pluginstance stop function when exiting Eric Leblond
2008-12-01 21:36 ` [ULOGD2 PATCH 13/18] Add SIGINT to list of terminal signal Eric Leblond
2008-12-01 21:36 ` [ULOGD2 PATCH 14/18] Unload plugins when quitting Eric Leblond
2008-12-01 21:36 ` [ULOGD2 PATCH 15/18] Introduce config_stop() function Eric Leblond
2008-12-01 21:36 ` [ULOGD2 PATCH 16/18] Free stacks when exiting Eric Leblond
2008-12-01 21:36 ` [ULOGD2 PATCH 17/18] Fix memory leak in destructor_nfct() Eric Leblond
2008-12-01 21:36 ` [ULOGD2 PATCH 18/18] Add valgrind compilation option Eric Leblond
2008-12-10 11:07 ` [ULOGD2 PATCH 0/18] Code cleaning, SCTP support, NFLOG logic fix Eric Leblond
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1228167376-22101-5-git-send-email-eric@inl.fr \
--to=eric@inl.fr \
--cc=netfilter-devel@vger.kernel.org \
--cc=pablo@netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).