]>
Commit | Line | Data |
---|---|---|
d3964792 MT |
1 | # IPFire configuration for ulogd |
2 | ||
3 | [global] | |
4 | ###################################################################### | |
5 | # GLOBAL OPTIONS | |
6 | ###################################################################### | |
7 | ||
8 | # logfile for status messages | |
9 | logfile="/var/log/ulogd/ulogd.log" | |
10 | ||
11 | # loglevel: debug(1), info(3), notice(5), error(7) or fatal(8) | |
aad412de | 12 | loglevel=7 |
d3964792 MT |
13 | |
14 | ###################################################################### | |
15 | # PLUGIN OPTIONS | |
16 | ###################################################################### | |
17 | ||
18 | # We have to configure and load all the plugins we want to use | |
19 | ||
20 | # general rules: | |
21 | # 1. load the plugins _first_ from the global section | |
22 | # 2. options for each plugin in seperate section below | |
23 | ||
24 | plugin="/usr/lib/ulogd/ulogd_inppkt_NFLOG.so" | |
aad412de | 25 | plugin="/usr/lib/ulogd/ulogd_inppkt_ULOG.so" |
d3964792 MT |
26 | plugin="/usr/lib/ulogd/ulogd_inpflow_NFCT.so" |
27 | plugin="/usr/lib/ulogd/ulogd_filter_IFINDEX.so" | |
28 | plugin="/usr/lib/ulogd/ulogd_filter_IP2STR.so" | |
29 | plugin="/usr/lib/ulogd/ulogd_filter_IP2BIN.so" | |
30 | plugin="/usr/lib/ulogd/ulogd_filter_PRINTPKT.so" | |
31 | plugin="/usr/lib/ulogd/ulogd_filter_HWHDR.so" | |
32 | plugin="/usr/lib/ulogd/ulogd_filter_PRINTFLOW.so" | |
33 | #plugin="/usr/lib/ulogd/ulogd_filter_MARK.so" | |
aad412de | 34 | plugin="/usr/lib/ulogd/ulogd_output_LOGEMU.so" |
d3964792 MT |
35 | plugin="/usr/lib/ulogd/ulogd_output_SYSLOG.so" |
36 | #plugin="/usr/lib/ulogd/ulogd_output_OPRINT.so" | |
37 | #plugin="/usr/lib/ulogd/ulogd_output_NACCT.so" | |
38 | #plugin="/usr/lib/ulogd/ulogd_output_PCAP.so" | |
39 | #plugin="/usr/lib/ulogd/ulogd_output_PGSQL.so" | |
40 | #plugin="/usr/lib/ulogd/ulogd_output_MYSQL.so" | |
41 | #plugin="/usr/lib/ulogd/ulogd_output_DBI.so" | |
42 | plugin="/usr/lib/ulogd/ulogd_output_SQLITE3.so" | |
43 | plugin="/usr/lib/ulogd/ulogd_raw2packet_BASE.so" | |
44 | ||
45 | # this is a stack for logging packet send by system via LOGEMU | |
aad412de | 46 | stack=log1:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU |
d3964792 MT |
47 | |
48 | # this is a stack for NFLOG packet-based logging to PCAP | |
aad412de | 49 | #stack=log1:NFLOG,base1:BASE,pcap1:PCAP |
d3964792 | 50 | |
aad412de MT |
51 | # this is a stack for logging packet to sqlite |
52 | #stack=log1:NFLOG,base1:BASE,ifi1:IFINDEX,ip2bin1:IP2BIN,mac2str1:HWHDR,sqlite1:SQLITE3 | |
d3964792 MT |
53 | |
54 | # this is a stack for logging packets to syslog after a collect via NFLOG | |
aad412de | 55 | #stack=log1:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,sys1:SYSLOG |
d3964792 MT |
56 | |
57 | # Logging of system packet through NFLOG | |
58 | [log1] | |
59 | # netlink multicast group (the same as the iptables --nflog-group param) | |
60 | # Group O is used by the kernel to log connection tracking invalid message | |
61 | group=0 | |
62 | #netlink_socket_buffer_size=217088 | |
63 | #netlink_socket_buffer_maxsize=1085440 | |
64 | # set number of packet to queue inside kernel | |
65 | #netlink_qthreshold=1 | |
66 | # set the delay before flushing packet in the queue inside kernel (in ms) | |
67 | #netlink_qtimeout=1000 | |
aad412de | 68 | bind=1 |
d3964792 MT |
69 | |
70 | [emu1] | |
4abf4941 | 71 | file="/var/log/ulogd/syslogemu.log" |
d3964792 MT |
72 | sync=1 |
73 | ||
d3964792 MT |
74 | [pcap1] |
75 | sync=1 | |
76 | ||
aad412de MT |
77 | [sqlite1] |
78 | db=/var/log/ulogd/ulogd.db | |
79 | table=ulog |