author | Eric Leblond <eric@regit.org> | 2012-07-16 23:03:39 +0200 |
---|---|---|
committer | Eric Leblond <eric@regit.org> | 2013-01-05 10:55:08 +0100 |
commit | b91d9a38b9c20cbc66243d188d229f800c57f723 | |
tree | 92c0facca2cd15661a5d529eeccb0acc8deb091a /ulogd.conf.in | |
parent | c70783d8dbbe1373989f72b413389d23892c1000 | |
nfct: implement src and dst filter

This patch implements two filtering options in NFCT input plugin.
If 'accept_src_filter' is set to a network it will only catch the
event where the source is that specific network. 'accept_dst_filter'
does the same for the destination.
Diffstat (limited to 'ulogd.conf.in')
-rw-r--r-- | ulogd.conf.in | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/ulogd.conf.in b/ulogd.conf.in index 6aff802..fa1fbf2 100644 --- a/ulogd.conf.in +++ b/ulogd.conf.in @@ -125,6 +125,10 @@ plugin="@pkglibdir@/ulogd_output_GRAPHITE.so" #netlink_socket_buffer_maxsize=1085440 #netlink_resync_timeout=60 # seconds to wait to perform resynchronization #pollinterval=10 # use poll-based logging instead of event-driven +# If pollinterval is not set, NFCT plugin will work in event mode +# In this case, you can use the following filters on events: +#accept_src_filter=192.168.1.0/24,1:2::/64 # source ip of connection must belong to these networks +#accept_dst_filter=192.168.1.0/24 # destination ip of connection must belong to these networks [ct2] #netlink_socket_buffer_size=217088 |
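Review bot: The two added example lines, '#accept_src_filter=192.168.1.0/24,1:2::/64' and '#accept_dst_filter=192.168.1.0/24', leave the matching semantics undocumented. The source example takes a comma-separated list mixing IPv4 and IPv6, while the commit message speaks of "a network", so the comment should state that a list is accepted, whether an address matching any one entry is enough, and whether setting both options requires both source and destination to match. The added line "If pollinterval is not set, NFCT plugin will work in event mode" implies the filters have no effect in poll mode; please say explicitly what happens when a filter is set together with pollinterval, because an accept filter that is silently ignored, or silently narrower than the operator expects, changes which connections end up in the logs. As a style point, '1:2::/64' could be replaced with a prefix from the IPv6 documentation range 2001:db8::/32.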