1 # IPFire configuration for ulogd
4 ######################################################################
6 ######################################################################
8 # logfile for status messages
9 logfile="/var/log/ulogd/ulogd.log"
11 # loglevel: debug(1), info(3), notice(5), error(7) or fatal(8)
14 ######################################################################
16 ######################################################################
18 # We have to configure and load all the plugins we want to use
21 # 1. load the plugins _first_ from the global section
22 # 2. options for each plugin in seperate section below
24 plugin="/usr/lib/ulogd/ulogd_inppkt_NFLOG.so"
25 plugin="/usr/lib/ulogd/ulogd_inppkt_ULOG.so"
26 plugin="/usr/lib/ulogd/ulogd_inpflow_NFCT.so"
27 plugin="/usr/lib/ulogd/ulogd_filter_IFINDEX.so"
28 plugin="/usr/lib/ulogd/ulogd_filter_IP2STR.so"
29 plugin="/usr/lib/ulogd/ulogd_filter_IP2BIN.so"
30 plugin="/usr/lib/ulogd/ulogd_filter_PRINTPKT.so"
31 plugin="/usr/lib/ulogd/ulogd_filter_HWHDR.so"
32 plugin="/usr/lib/ulogd/ulogd_filter_PRINTFLOW.so"
33 #plugin="/usr/lib/ulogd/ulogd_filter_MARK.so"
34 plugin="/usr/lib/ulogd/ulogd_output_LOGEMU.so"
35 plugin="/usr/lib/ulogd/ulogd_output_SYSLOG.so"
36 #plugin="/usr/lib/ulogd/ulogd_output_OPRINT.so"
37 #plugin="/usr/lib/ulogd/ulogd_output_NACCT.so"
38 #plugin="/usr/lib/ulogd/ulogd_output_PCAP.so"
39 #plugin="/usr/lib/ulogd/ulogd_output_PGSQL.so"
40 #plugin="/usr/lib/ulogd/ulogd_output_MYSQL.so"
41 #plugin="/usr/lib/ulogd/ulogd_output_DBI.so"
42 plugin="/usr/lib/ulogd/ulogd_output_SQLITE3.so"
43 plugin="/usr/lib/ulogd/ulogd_raw2packet_BASE.so"
45 # this is a stack for logging packet send by system via LOGEMU
46 stack=log1:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
48 # this is a stack for NFLOG packet-based logging to PCAP
49 #stack=log1:NFLOG,base1:BASE,pcap1:PCAP
51 # this is a stack for logging packet to sqlite
52 #stack=log1:NFLOG,base1:BASE,ifi1:IFINDEX,ip2bin1:IP2BIN,mac2str1:HWHDR,sqlite1:SQLITE3
54 # this is a stack for logging packets to syslog after a collect via NFLOG
55 #stack=log1:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,sys1:SYSLOG
57 # Logging of system packet through NFLOG
59 # netlink multicast group (the same as the iptables --nflog-group param)
60 # Group O is used by the kernel to log connection tracking invalid message
62 #netlink_socket_buffer_size=217088
63 #netlink_socket_buffer_maxsize=1085440
64 # set number of packet to queue inside kernel
66 # set the delay before flushing packet in the queue inside kernel (in ms)
67 #netlink_qtimeout=1000
71 file="/var/log/ulogd/syslogemu.log"
78 db=/var/log/ulogd/ulogd.db