|author||Eric Leblond <firstname.lastname@example.org>||2009-01-04 23:29:50 +0100|
|committer||Eric Leblond <email@example.com>||2009-01-05 00:17:47 +0100|
Add variable to force binding of nfnetlink_log.
This patch updates the behaviour of the NFLOG input plugin to fix an issue related to kernel older than 2.6.29. The call to nflog_bind_pf() that can be necessary to receive packet from the nfnetlink_log was only done if the used group was 0 (system logging). This is logic for the newest kernel (NFLOG really sends message to nfnetlink_log and not to the nf_log logger). But this is unsufficient for older one. By forcing the binding with the new configuration variable bind, it is now possible to trigger the binding from the ulogd2 configuration file. This gives users a way to be sure that ulogd will receive packets if the NFLOG input plugin is used.
Diffstat (limited to 'ulogd.conf.in')
1 files changed, 6 insertions, 0 deletions
diff --git a/ulogd.conf.in b/ulogd.conf.in
index a48af3f..7022bf6 100644
@@ -111,6 +111,11 @@ group=0
group=1 # Group has to be different from the one use in log1
+# If your kernel is older than 2.6.29 and if a NFLOG input plugin with
+# group 0 is not used by any stack, you need to have at least one NFLOG
+# input plugin with bind set to 1. If you don't do that you may not
+# receive any message from the kernel.
# packet logging through NFLOG for group 2, numeric_label is
# set to 1
@@ -120,6 +125,7 @@ group=2 # Group has to be different from the one use in log1/log2
numeric_label=1 # you can label the log info based on the packet verdict
# netlink multicast group (the same as the iptables --ulog-nlgroup param)