nfct: implement src and dst filter

This patch implements two filtering options in NFCT input plugin. If 'accept_src_filter' is set to a network it will only catch the event where the source is that specific network. 'accept_dst_filter' does the same for the destination.
author: Eric Leblond <eric@regit.org> 2012-07-16 23:03:39 +0200
committer: Eric Leblond <eric@regit.org> 2013-01-05 10:55:08 +0100
commit: b91d9a38b9c20cbc66243d188d229f800c57f723 (patch)
tree: 92c0facca2cd15661a5d529eeccb0acc8deb091a /ulogd.conf.in
parent: c70783d8dbbe1373989f72b413389d23892c1000 (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/ulogd.conf.in b/ulogd.conf.in
index 6aff802..fa1fbf2 100644
--- a/ulogd.conf.in
+++ b/ulogd.conf.in
@@ -125,6 +125,10 @@ plugin="@pkglibdir@/ulogd_output_GRAPHITE.so"
 #netlink_socket_buffer_maxsize=1085440
 #netlink_resync_timeout=60 # seconds to wait to perform resynchronization
 #pollinterval=10 # use poll-based logging instead of event-driven
+# If pollinterval is not set, NFCT plugin will work in event mode
+# In this case, you can use the following filters on events:
+#accept_src_filter=192.168.1.0/24,1:2::/64 # source ip of connection must belong to these networks
+#accept_dst_filter=192.168.1.0/24 # destination ip of connection must belong to these networks
 
 [ct2]
 #netlink_socket_buffer_size=217088
author	Eric Leblond <eric@regit.org>	2012-07-16 23:03:39 +0200
committer	Eric Leblond <eric@regit.org>	2013-01-05 10:55:08 +0100
commit	b91d9a38b9c20cbc66243d188d229f800c57f723 (patch)
tree	92c0facca2cd15661a5d529eeccb0acc8deb091a /ulogd.conf.in
parent	c70783d8dbbe1373989f72b413389d23892c1000 (diff)