|author||Patrick McHardy <firstname.lastname@example.org>||2008-05-18 18:35:35 +0200|
|committer||Patrick McHardy <email@example.com>||2008-05-18 18:35:35 +0200|
Remove obsolete patches and files and move ulogd to repository top-level directory
Diffstat (limited to 'README')
1 files changed, 41 insertions, 29 deletions
@@ -1,12 +1,18 @@
-Userspace logging facility for netfilter / linux 2.4
-$Id: README,v 1.2 2000/09/22 06:57:16 laforge Exp $
+Userspace logging facility for iptables / linux 2.4
+$Id: README,v 1.7 2002/04/16 12:44:41 laforge Exp $
+Project Homepage: http://www.gnumonks.org/projects/ulogd
+This is just a short README, pleaes see the more extensive documentation
+in the doc/ subdirectory.
This packages is intended for passing packets from the kernel to userspace
to do some logging there. It should work like that:
-- Register a target called ULOG with netfilter
+- Register a target called ULOG with iptables
- if the target is hit:
- send the packet out using netlink multicast facility
- return NF_CONTINUE immediately
@@ -19,42 +25,45 @@ More than one logging daemon may listen to the netlink multicast address.
-The package is consisting out of three parts:
-ipt_ULOG and libipt_ULOG are NOW INCLUDED IN NETFILTER patch-o-matic.
-I strongly recommend using the latest package or even CVS from
-1. Netfilter target ipt_ULOG
-This is the kernel module which does the kernel part of packet passing to
-the userspace. This module is inserted on demand through the netfilter
-subsystem as soon as You add a rule with the target ULOG to any chain.
-2. iptables plugin (libipt_ULOG.so)
-This is a plugin for the netfilter configuration tool iptables. Just put
-it to /usr/local/lib/iptables and it is loaded on demand from iptables.
-3. Ulog library (libipulog.a)
+= Ulog library (libipulog.a)
Just a little library like libipq.a which provides a convenient way to
write userspace logging daemons. The functions provided are described
in the source code, a small demo program (ulog_test) is also included.
-4. ulogd daemon (ulogd)
+= ulogd daemon (ulogd)
A sophisticated logging daemon which uses libipulog. The daemon provides
an easy to use plugin interface to write additional packet interpreters and
output targets. Example plugins (interpreter: ip, tcp, icmp output: simple
logging to a file) are included.
+= documentation (doc)
+A quite verbose documentation of this package and it's configuration exists,
+please actually make use of it and read it :)
-Just apply the kernel patch and enable the kernel config option
-CONFIG_IP_NF_TARGET_ULOG in the netfilter subsection of the network options.
-Then recompile the kernel or just recompile the netfilter modules using
-'make modules SUBDIRS=net/ipv4/netfilter'.
-Next step is installing the module using 'make modules_install'
+The kernel part of the userspace logging facility (ipt_ULOG.o) is included
+in kernels >= 2.4.18-pre8. If you are running older kernel versions, you MUST
+install the ulog-patch from netfilter patch-o-matic FIRST !!
+Please go to the netfilter homepage (http://www.netfilter.org/)
+and download the latest iptables package. There is a system called
+patch-o-matic, which manages recent netfilter development, which has
+not been included in the stock kernel yet.
+Just apply the ulog-patch from patch-o-matic (there is some documentation
+included in the iptables package how to use patch-o-matic).
-To use the iptables plugin, copy libipt_ULOG.so to /usr/local/lib/iptables
+Next you have to enable the kernel config option CONFIG_IP_NF_TARGET_ULOG in
+the netfilter subsection of the network options.
+Then recompile the kernel or just recompile the netfilter modules using 'make
+modules SUBDIRS=net/ipv4/netfilter'. Next step is installing the module using
+It is also a good idea to recompile and re-install the iptables package,
+if you don't already have libipt_ULOG.so in /usr/local/lib/iptables or
Now You are ready to go. You may now insert logging rules to every chain.
To see the full syntax, type 'iptables -j ULOG -h'
@@ -72,14 +81,17 @@ group 32. All packets get tagged with the ulog prefix "inp"
iptables -A INPUT -j ULOG -p tcp --dport 80 --ulog-nlgroup 32 --ulog-prefix inp
-In the latest Version (0.2) I added another parameter (--ulog-cprange).
+Since version 0.2, I added another parameter (--ulog-cprange).
Using this parameter You are able to specify how much octets of the
packet should be copied from the kernel to userspace.
Setting --ulog-cprange to 0 does always copy the whole packet. Default is 0
===> COPYRIGHT + CREDITS
-The code is (C) 2000 by Harald Welte <firstname.lastname@example.org>
+The code is (C) 2000-2003 by Harald Welte <email@example.com>
+Thanks also to the valuable Contributions of Daniel Stone, Alexander
+Janssen and Michael Stolovitzsky.
Credits to Rusty Russel, James Morris, Marc Boucher and all the other