From 3a1e74f55887e7986435b479ea11032942561dc4 Mon Sep 17 00:00:00 2001
From: Michael Tremer <michael.tremer@ipfire.org>
Date: Tue, 16 Jun 2020 15:42:33 +0000
Subject: [PATCH] sysctl: Load nf_log_ipv4 as default logging module for TRACE
 target

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---
 config/etc/sysctl.conf                    | 3 +++
 config/rootfiles/core/147/filelists/files | 1 +
 2 files changed, 4 insertions(+)

diff --git a/config/etc/sysctl.conf b/config/etc/sysctl.conf
index 7e7ebee44c..98a0dbe634 100644
--- a/config/etc/sysctl.conf
+++ b/config/etc/sysctl.conf
@@ -34,6 +34,9 @@ net.ipv6.conf.default.disable_ipv6 = 1
 # Enable netfilter accounting
 net.netfilter.nf_conntrack_acct=1
 
+# Enable TRACE logging to syslog
+net.netfilter.nf_log.2=nf_log_ipv4
+
 # Disable netfilter on bridges.
 net.bridge.bridge-nf-call-ip6tables = 0
 net.bridge.bridge-nf-call-iptables = 0
diff --git a/config/rootfiles/core/147/filelists/files b/config/rootfiles/core/147/filelists/files
index ec47d36d35..0062d9b3e5 100644
--- a/config/rootfiles/core/147/filelists/files
+++ b/config/rootfiles/core/147/filelists/files
@@ -3,3 +3,4 @@ etc/issue
 srv/web/ipfire/cgi-bin/credits.cgi
 var/ipfire/langs
 etc/rc.d/init.d/firewall
+etc/sysctl.conf
-- 
2.39.5