This patch adds a sample configuration for logging with ebtables through nflog out to LOGEMU and SYSLOG. It also fixes a config bug with ipv6 (log2)

Signed-off-by: Peter Warasin <peter@endian.com>

1 files changed, 15 insertions, 1 deletions

diff --git a/ulogd.conf.in b/ulogd.conf.in
index 6d76909..d2c038c 100644
--- a/ulogd.conf.in
+++ b/ulogd.conf.in
@@ -49,6 +49,9 @@ plugin="@libdir@/ulogd/ulogd_raw2packet_BASE.so"
 # this is a stack for IPv6 packet-based logging via LOGEMU
 #stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
 
+# this is a stack for ebtables packet-based logging via LOGEMU
+#stack=log3:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
+
 # this is a stack for ULOG packet-based logging via LOGEMU
 #stack=ulog1:ULOG,base1:BASE,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
 
@@ -64,6 +67,9 @@ plugin="@libdir@/ulogd/ulogd_raw2packet_BASE.so"
 # this is a stack for logging IPv6 packet to PGsql after a collect via NFLOG
 #stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,pgsql1:PGSQL
 
+# this is a stack for logging ebtables packets to syslog after a collect via NFLOG
+#stack=log3:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,sys1:SYSLOG
+
 # this is a stack for flow-based logging to MySQL
 #stack=ct1:NFCT,ip2bin1:IP2BIN,mysql2:MYSQL
 
@@ -75,10 +81,15 @@ plugin="@libdir@/ulogd/ulogd_raw2packet_BASE.so"
 group=0
 
 # IPv6 logging through NFLOG
-[log1]
+[log2]
 group=1 # Group has to be different from the one use in log1
 addressfamily=10 # 10 is value of AF_INET6
 
+# ebtables logging through NFLOG
+[log3]
+group=2 # Group has to be different from the one use in log1/log2
+addressfamily=7 # 7 is value of AF_BRIDGE
+
 [ulog1]
 # netlink multicast group (the same as the iptables --ulog-nlgroup param)
 nlgroup=1
@@ -106,3 +117,6 @@ user="nupik"
 table="ulog"
 pass="changeme"
 procedure="INSERT_PACKET_FULL"
+
+[sys2]
+facility=LOG_LOCAL2