summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* build: bump version to 2.00beta3ulogd-2.0.0beta3Pablo Neira Ayuso2009-03-061-1/+1
| | | | Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* Delete timer in destructor function.Eric Leblond2009-02-081-0/+2
| | | | This patch deletes the overrun timer in the destructor function.
* pgsql: fix type of mac_protocol and oob_protocol.Eric Leblond2009-02-082-2/+2
| | | | | The oob_protocol does not fit into a smallint (IPv6 case for example). This patch switches the length of the related field to an integer.
* Add threshold and timeout option to NFLOG plugin.Eric Leblond2009-01-292-1/+49
| | | | | This patch adds support for setting NFLOG threshold and timeout from ulogd.
* Explicitely type PCAP input key.Eric Leblond2009-01-271-5/+15
| | | | This patch affect type and flag to PCAP input key.
* Display which keys are optional in info mode.Eric Leblond2009-01-271-1/+6
| | | | | This patch adds a "optional" keyword to description of input key which are optional when --info is used to dump information about a plugin.
* Replace INCLUDES by AM_CPPFLAGS in Makefile.am.Eric Leblond2009-01-2212-12/+12
| | | | | This patch fixes autotools warning about deprecated usage of INCLUDES in Makefile.am.
* build: update configure.acJan Engelhardt2009-01-202-11/+9
| | | | | | | Some constructs in there are old-fashioned. Replace them by their modern counterparts. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* build: resolve autotools suggestions to use AC_CONFIG_MACRO_DIRJan Engelhardt2009-01-203-0/+4
| | | | | | | | libtoolize: Consider adding `AC_CONFIG_MACRO_DIR([m4])' to configure.ac and libtoolize: rerunning libtoolize, to keep the correct libtool macros in-tree. libtoolize: Consider adding `-I m4' to ACLOCAL_AMFLAGS in Makefile.am. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* build: use -avoid-version for modulesJan Engelhardt2009-01-2010-23/+23
| | | | | | | The modules are pretty much bound to ulogd, and it does not seem to make sense to specially version these. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* Update .gitignore and remove install-shJan Engelhardt2009-01-203-251/+25
| | | | | | install-sh is autogenerated. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* build: compile fixJan Engelhardt2009-01-181-0/+1
| | | | | | | | | ulogd_inpflow_NFCT.c: In function 'propagate_ct': ulogd_inpflow_NFCT.c:483: error: 'IPPROTO_UDPLITE' undeclared (first use in this function) (and more for IPPROTO_SCTP) Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* HWHDR: Fix size of allocated string.Eric Leblond2009-01-131-1/+1
| | | | | This patch fixes a incorrect computing of the allocation size of a string.
* Fix crash on IPv6 packet.Eric Leblond2009-01-131-1/+4
| | | | | Incorrect definition of a IPv6 input key handling function was causing a crash in ulogd.
* Display logfile to check in case of error.Eric Leblond2009-01-131-2/+7
| | | | | This patch adds the display of the used logging file to look at if there is a critical error.
* fix config file: MAC2STR has been renamed to HWHDR.Eric Leblond2009-01-131-2/+2
| | | | | This patch replaces all MAC2STR occurences by HWHDR to sync with the renaming of the plugin.
* Flat SQL schema for MySQLPierre Chifflier2009-01-071-0/+478
| | | | | | | This schema is designed for performance, by putting all fields in a single table. It should be used in combination with plain INSERT. Signed-off-by: Pierre Chifflier <chifflier@inl.fr>
* Flat SQL schema for PostgreSQLPierre Chifflier2009-01-071-0/+406
| | | | | | | This schema is designed for performance, by putting all fields in a single table. It should be used in combination with plain INSERT. Signed-off-by: Pierre Chifflier <chifflier@inl.fr>
* PostgreSQL: allow local connectionsPierre Chifflier2009-01-071-1/+2
| | | | | | | | This patch allows to connect to the server using the local (unix) socket, thus not using a network socket and SSL encryption. Local connection is used if host parameter is omitted or empty. Signed-off-by: Pierre Chifflier <chifflier@inl.fr>
* DBI: lower column name before comparing to keyPierre Chifflier2009-01-071-0/+14
| | | | | | | Some databases (e.g Oracle) return column name in uppercase, while key name is in lowercase. This patch allows to match keys correctly. Signed-off-by: Pierre Chifflier <chifflier@inl.fr>
* Allow plain INSERT instead of procedurePierre Chifflier2009-01-071-1/+26
| | | | | | | | | If the procedure name specified in configuration is INSERT, than use a regular insertion instead of a stored procedure. This should be used when performance is needed, with a flat SQL schema, to reduce the cost of SQL procedure calls. Signed-off-by: Pierre Chifflier <chifflier@inl.fr>
* PostgreSQL schema: drop useless constraintsPierre Chifflier2009-01-071-5/+0
| | | | | | | Constraints on TCP/UDP port number validity are useless and only slow down insertions. Signed-off-by: Pierre Chifflier <chifflier@inl.fr>
* Add variable to force binding of nfnetlink_log.Eric Leblond2009-01-052-7/+22
| | | | | | | | | | | | | This patch updates the behaviour of the NFLOG input plugin to fix an issue related to kernel older than 2.6.29. The call to nflog_bind_pf() that can be necessary to receive packet from the nfnetlink_log was only done if the used group was 0 (system logging). This is logic for the newest kernel (NFLOG really sends message to nfnetlink_log and not to the nf_log logger). But this is unsufficient for older one. By forcing the binding with the new configuration variable bind, it is now possible to trigger the binding from the ulogd2 configuration file. This gives users a way to be sure that ulogd will receive packets if the NFLOG input plugin is used.
* Return true/false instead of ULOGD_IRET_OK/STOPThomas Jacob2008-12-091-2/+2
| | | | | Signed-off-by: Thomas Jacob <jacob@internet24.de> Signed-off-by: Eric Leblond <eric@inl.fr>
* Add valgrind compilation option.Eric Leblond2008-12-091-0/+4
| | | | | | Valgrind messages are obscur when the plugins are unloaded. This patch adds a macro that can be used to desactivate unloading. To use it, you have to specify 'CPPFLAGS=-DDEBUG_VALGRIND' on configure line.
* Fix memory leak in destructor_nfct().Eric Leblond2008-12-091-0/+11
| | | | | This patch fixes a memory leak in the destructor function which was not releasing the memory allocated for each connection tracking entry.
* Free stacks when exiting.Eric Leblond2008-12-091-0/+12
| | | | This patch modifies ulogd2 to have it free the stacks when leaving.
* Introduce config_stop() functionEric Leblond2008-12-093-0/+9
| | | | | This patch adds the config_stop function which is in charge of releasing ressources allocated for configuration file parsing.
* Unload plugins when quitting.Eric Leblond2008-12-092-1/+28
| | | | | This patch adds unloading of plugins (call dlclose()) in ulogd2. This make valgrind happy and will be useful for daemon live reconfiguration.
* Add SIGINT to list of terminal signal.Eric Leblond2008-12-091-1/+2
| | | | | This patch modifies ulogd to intercept SIGINT signal and quit nicely when this signal is received.
* Call pluginstance stop function when exitingEric Leblond2008-12-091-1/+25
| | | | | | The stop function of plugin was not called when ulogd2 was preparing to quit. This patch adds a call to stop for all plugins in each stack and free pluginstance.
* Fix minor memory leak in NFLOG plugin.Eric Leblond2008-12-091-0/+2
| | | | This patch fix a minor memory leak at NFLOG plugin exit.
* Don't free pluginstance when leavingEric Leblond2008-12-092-3/+0
| | | | | If we free pluginstance in the stop function we won't be able to iter anymore on the stack linked list.
* Fix stop function of NFCT plugin.Eric Leblond2008-12-092-3/+5
| | | | | This patch fixes some crashes in NFCT plugin that were triggered by the call of the destructor_nfct function (during stop).
* Treat nice function return.Eric Leblond2008-12-091-1/+7
| | | | | gcc was warning that the return of the nice function should be treated. This patch adds an error message in case of failure.
* Add SCTP support to MySQL and PGSQL output.Eric Leblond2008-12-092-5/+79
| | | | | | | | This patch adds support for SCTP in the MySQL and PGSQL output plugins. It adds a dedicated SCTP table and modifies the insert_packet_full procedure. Signed-off-by: Eric Leblond <eric@inl.fr>
* SCTP support for PRINTPKT.Eric Leblond2008-12-092-1/+18
| | | | | | This patch modifies PRINTPKT plugin to add SCTP support. Signed-off-by: Eric Leblond <eric@inl.fr>
* Add SCTP support to BASE plugin.Eric Leblond2008-12-091-0/+53
| | | | | | THis patch adds basic support for SCTP in the BASE plugin. Signed-off-by: Eric Leblond <eric@inl.fr>
* Document group 0 usage and suppress address_familyEric Leblond2008-12-091-17/+20
| | | | | | | | Document the fact that group 0 is used by system logging and update stack and plugin definition to match the suppression of the address_family variable. Signed-off-by: Eric Leblond <eric@inl.fr>
* Get rid of addressfamily variable in NFLOG input pluginEric Leblond2008-12-091-30/+29
| | | | | | | | | | | | | | | | | | The addressfamily configuration variable for NFLOG is used as param for nflog_bind_pf. This function is used to claim the fetching of kernel message sent via nf_log_packet() function. As all kernel messages are sent to the group 0, it is useless to call nflog_bind_pf when nflog group of the input plugin is not 0. Furthermore, as only one plugin can be bound to nflog group 0, it is mandatory to call nflog_bind_pf for all pf family when the group is 0. To sum up, this patch suppress the adressfamily parameter (which simplify the configuration file) and call nflog_bind_pf for all pf family when the nflog group of the instance is 0. Signed-off-by: Eric Leblond <eric@inl.fr>
* Modify usage of nflog_bind_pf function.Eric Leblond2008-12-091-20/+32
| | | | | | | | | The nflog_bind_pf function was called for each NFLOG instance. This patch modifies the behaviour to have it call if and only if the nfgroup is set to 0. As the kernel uses only the 0 group to output subsystem messages, this change clarify the situation. Signed-off-by: Eric Leblond <eric@inl.fr>
* add ukey_* function for key assignationPablo Neira Ayuso2008-12-0918-552/+449
| | | | | | | | | This patch cleans up the current key assignation by introducing a set of functions ukey_* to set the key value as Eric Leblond and we discussed during the latest Netfilter Workshop. This patch is based on an idea from Holger Eitzenberger. Signed-off-by: Eric Leblond <eric@inl.fr>
* Add new output plugin DBIPierre Chifflier2008-12-095-1/+337
| | | | | | | | | libdbi implements a database-independent abstraction layer in C, similar to the DBI/DBD layer in Perl. This module brings support for all database types supported by libdbi. Signed-off-by: Pierre Chifflier <chifflier@inl.fr> Signed-off-by: Eric Leblond <eric@inl.fr>
* Search for libdbi includes during configurePierre Chifflier2008-12-092-0/+89
| | | | | | | | libdbi is a database-independent abstraction layer in C, similar to the DBI/DBD layer in Perl. Signed-off-by: Pierre Chifflier <chifflier@inl.fr> Signed-off-by: Eric Leblond <eric@inl.fr>
* Link ulogd2 with libpthreadPierre Chifflier2008-12-091-1/+1
| | | | | | | | Explicitly link with libpthread. This allows to run ulogd within gdb, else it fails with message: Cannot find new threads: generic error Signed-off-by: Pierre Chifflier <chifflier@inl.fr> Signed-off-by: Eric Leblond <eric@inl.fr>
* Fix light memory error in parse_mac2strPierre Chifflier2008-12-091-2/+8
| | | | | | | | | When len is 0 (for ex. when the input mac is NULL), parse_mac2str tries to calloc a 0-bytes bloc, which leads to a conditional jump based on uninitialized value (spotted by valgrind). Signed-off-by: Pierre Chifflier <chifflier@inl.fr> Signed-off-by: Eric Leblond <eric@inl.fr>
* NFCT: remove unused constant NFLOG_RMEM_DEFAULTPablo Neira Ayuso2008-10-221-6/+0
| | | | | | | This patch removes NFLOG_RMEM_DEFAULT which is a reminiscent of the initial development of NFLOG which is based on the ULOG plugin. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* pgsql: remove useless checkingsPierre Chifflier2008-10-201-6/+0
| | | | | | | This patch removes useless checkings. Signed-off-by: Pierre Chifflier <chifflier@inl.fr> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* hwhdr: finish missing renamingPierre Chifflier2008-10-202-3/+3
| | | | | | | MAC2STR has been renamed to HWHDR. Signed-off-by: Pierre Chifflier <chifflier@inl.fr> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* hwhdr: fix segfault when RAW_MAC is NULLPierre Chifflier2008-10-201-1/+1
| | | | | | | This fixes a segfault when RAW_MAC key is NULL in MAC2STR plugin. Signed-off-by: Pierre Chifflier <chifflier@inl.fr> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>