# IPFire configuration for ulogd

[global]
######################################################################
# GLOBAL OPTIONS
######################################################################

# loglevel: debug(1), info(3), notice(5), error(7) or fatal(8)
loglevel=7

######################################################################
# PLUGIN OPTIONS
######################################################################

# We have to configure and load all the plugins we want to use

# general rules:
# 1. load the plugins _first_ from the global section
# 2. options for each plugin in seperate section below

plugin="/usr/lib/ulogd/ulogd_inppkt_NFLOG.so"
#plugin="/usr/lib/ulogd/ulogd_inppkt_ULOG.so"
plugin="/usr/lib/ulogd/ulogd_inpflow_NFCT.so"
plugin="/usr/lib/ulogd/ulogd_filter_IFINDEX.so"
plugin="/usr/lib/ulogd/ulogd_filter_IP2STR.so"
plugin="/usr/lib/ulogd/ulogd_filter_IP2BIN.so"
plugin="/usr/lib/ulogd/ulogd_filter_PRINTPKT.so"
plugin="/usr/lib/ulogd/ulogd_filter_HWHDR.so"
plugin="/usr/lib/ulogd/ulogd_filter_PRINTFLOW.so"
#plugin="/usr/lib/ulogd/ulogd_filter_MARK.so"
#plugin="/usr/lib/ulogd/ulogd_output_LOGEMU.so"
plugin="/usr/lib/ulogd/ulogd_output_SYSLOG.so"
#plugin="/usr/lib/ulogd/ulogd_output_OPRINT.so"
#plugin="/usr/lib/ulogd/ulogd_output_NACCT.so"
#plugin="/usr/lib/ulogd/ulogd_output_PCAP.so"
#plugin="/usr/lib/ulogd/ulogd_output_PGSQL.so"
#plugin="/usr/lib/ulogd/ulogd_output_MYSQL.so"
#plugin="/usr/lib/ulogd/ulogd_output_DBI.so"
plugin="/usr/lib/ulogd/ulogd_output_SQLITE3.so"
plugin="/usr/lib/ulogd/ulogd_raw2packet_BASE.so"

# Log packets
stack=src-pkt:NFLOG,base:BASE,ifindex:IFINDEX,ip2str:IP2STR,hw:HWHDR,db-packets:SQLITE3
stack=src-pkt:NFLOG,base:BASE,ifindex:IFINDEX,ip2str:IP2STR,print:PRINTPKT,syslog:SYSLOG

# Log connection tracking events
stack=src-ct:NFCT,ip2bin:IP2BIN,ip2str:IP2STR,print-flow:PRINTFLOW,db-flows:SQLITE3

[src-pkt]
group=0
bind=1

[src-ct]
# Only receive DESTROY events
event_mask=0x00000004
hash_enable=1

[db-packets]
db=/var/lib/ulogd/ulogd.db
table=hits

[db-flows]
db=/var/lib/ulogd/ulogd.db
table=flows