diff options
| -rw-r--r-- | Changes | 17 | ||||
| -rw-r--r-- | Makefile | 4 | ||||
| -rw-r--r-- | doc/ulogd.sgml | 14 | ||||
| -rw-r--r-- | ulogd.c | 17 |
4 files changed, 42 insertions, 10 deletions
@@ -0,0 +1,17 @@ +Version 0.91 +- changes for new kernel ULOG. Includes support for multilink netlink + messages. + +Version 0.9 +- configuration file routines +- plugins are able to register new configfile keys +- new MYSQL plugin + +Version 0.3 + +- new PWSNIFF interpreter plugin +- verbose error reporting + +Version 0.2 + +- real daemon, we are forking now @@ -7,8 +7,10 @@ ULOGD_SL:=BASE OPRINT PWSNIFF LOGEMU #MYSQL # Normally You should not need to change anything below # +ULOGD_VERSION=0.91 + CC = gcc -CFLAGS = -I. -Wall $(INCIPULOG) -O2 +CFLAGS = -I. -Wall $(INCIPULOG) -O2 -DULOGD_VERSION=\"$(ULOGD_VERSION)\" CFLAGS+=-g -DDEBUG SH_CFLAGS:=$(CFLAGS) -fPIC diff --git a/doc/ulogd.sgml b/doc/ulogd.sgml index 4197dbc..3c29f9e 100644 --- a/doc/ulogd.sgml +++ b/doc/ulogd.sgml @@ -1,12 +1,12 @@ <!doctype linuxdoc system> -<!-- $Id: ulogd.sgml,v 1.1 2000/11/20 11:43:22 laforge Exp $ --> +<!-- $Id: ulogd.sgml,v 1.2 2000/11/20 19:40:14 laforge Exp $ --> <article> <title>ULOGD - the Userspace Logging Daemon</title> <author>Harald Welte <laforge@gnumonks.org></author> -<date>Revision $Revision: 1.1 $, $Date: 2000/11/20 11:43:22 $</date> +<date>Revision $Revision: 1.2 $, $Date: 2000/11/20 19:40:14 $</date> <abstract> This is the documentation for <tt>ulogd</tt>, the Userspace logging daemon. @@ -115,6 +115,16 @@ example: iptables -A FORWARD -j ULOG --ulog-nlgroup 32 --prefix foo </verb></tscreen> <p> +To increase logging performance, try to use the +<tscreen><verb> +--ulog-qthreshold N +</verb></tscreen> +option (where 1 < N <= 50). The number you specify is the amout of packets +batched together in one multipart netlink message. If you set this to 20, the +kernel schedules ulogd only once every 20 packets. All 20 packets are then +processed by ulogd. This reduces the number of context switches between kernel +and userspace. +<p> Of course you can combine the ULOG target with the different netfilter match modules. For a more detailed description, have a look at the netfilter HOWTO's, available on the netfilter homepage. @@ -1,4 +1,4 @@ -/* ulogd, Version $Revision: 1.12 $ +/* ulogd, Version $Revision: 1.13 $ * * userspace logging daemon for the netfilter ULOG target * of the linux 2.4 netfilter subsystem. @@ -7,7 +7,7 @@ * * this code is released under the terms of GNU GPL * - * $Id: ulogd.c,v 1.12 2000/11/16 21:15:30 laforge Exp $ + * $Id: ulogd.c,v 1.13 2000/11/20 11:43:22 laforge Exp $ */ #include <stdio.h> @@ -22,8 +22,10 @@ #include "conffile.h" #include "ulogd.h" -/* Size of the netlink receive buffer */ -#define MYBUFSIZ 2048 +/* Size of the netlink receive buffer. If you have _big_ in-kernel + * queues, you may have to increase this number. + * ( --qthreshold 100 * 1500 bytes/packet = 150kB */ +#define MYBUFSIZ 65535 #ifdef DEBUG #define DEBUGP(format, args...) fprintf(stderr, format, ## args) @@ -530,9 +532,10 @@ int main(int argc, char* argv[]) * handle_packet */ while(1) { len = ipulog_read(h, buf, MYBUFSIZ, 1); - upkt = ipulog_get_packet(buf); - DEBUGP("==> packet received\n"); - handle_packet(upkt); + while(upkt = ipulog_get_packet(h, buf, len)) { + DEBUGP("==> packet received\n"); + handle_packet(upkt); + } } /* just to give it a cleaner look */ |