| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
| |
|
|
| |
This patch deletes the overrun timer in the destructor function.
|
| |
|
|
|
| |
The oob_protocol does not fit into a smallint (IPv6 case for example).
This patch switches the length of the related field to an integer.
|
| |
|
|
|
| |
This patch adds support for setting NFLOG threshold and timeout
from ulogd.
|
| |
|
|
| |
This patch affect type and flag to PCAP input key.
|
| |
|
|
|
| |
This patch adds a "optional" keyword to description of input key which are
optional when --info is used to dump information about a plugin.
|
| |
|
|
|
| |
This patch fixes autotools warning about deprecated usage of INCLUDES in
Makefile.am.
|
| |
|
|
|
|
|
| |
Some constructs in there are old-fashioned. Replace them by their
modern counterparts.
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
|
| |
|
|
|
|
|
|
| |
libtoolize: Consider adding `AC_CONFIG_MACRO_DIR([m4])' to configure.ac and
libtoolize: rerunning libtoolize, to keep the correct libtool macros in-tree.
libtoolize: Consider adding `-I m4' to ACLOCAL_AMFLAGS in Makefile.am.
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
|
| |
|
|
|
|
|
| |
The modules are pretty much bound to ulogd, and it does not seem
to make sense to specially version these.
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
|
| |
|
|
|
|
| |
install-sh is autogenerated.
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
|
| |
|
|
|
|
|
|
|
| |
ulogd_inpflow_NFCT.c: In function 'propagate_ct':
ulogd_inpflow_NFCT.c:483: error: 'IPPROTO_UDPLITE' undeclared (first use in this function)
(and more for IPPROTO_SCTP)
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
|
| |
|
|
|
| |
This patch fixes a incorrect computing of the allocation size
of a string.
|
| |
|
|
|
| |
Incorrect definition of a IPv6 input key handling function was causing
a crash in ulogd.
|
| |
|
|
|
| |
This patch adds the display of the used logging file to look at if there
is a critical error.
|
| |
|
|
|
| |
This patch replaces all MAC2STR occurences by HWHDR to sync with the
renaming of the plugin.
|
| |
|
|
|
|
|
| |
This schema is designed for performance, by putting all fields in a
single table. It should be used in combination with plain INSERT.
Signed-off-by: Pierre Chifflier <chifflier@inl.fr>
|
| |
|
|
|
|
|
| |
This schema is designed for performance, by putting all fields in a
single table. It should be used in combination with plain INSERT.
Signed-off-by: Pierre Chifflier <chifflier@inl.fr>
|
| |
|
|
|
|
|
|
| |
This patch allows to connect to the server using the local (unix) socket,
thus not using a network socket and SSL encryption.
Local connection is used if host parameter is omitted or empty.
Signed-off-by: Pierre Chifflier <chifflier@inl.fr>
|
| |
|
|
|
|
|
| |
Some databases (e.g Oracle) return column name in uppercase, while
key name is in lowercase. This patch allows to match keys correctly.
Signed-off-by: Pierre Chifflier <chifflier@inl.fr>
|
| |
|
|
|
|
|
|
|
| |
If the procedure name specified in configuration is INSERT, than use
a regular insertion instead of a stored procedure.
This should be used when performance is needed, with a flat SQL schema,
to reduce the cost of SQL procedure calls.
Signed-off-by: Pierre Chifflier <chifflier@inl.fr>
|
| |
|
|
|
|
|
| |
Constraints on TCP/UDP port number validity are useless and only slow
down insertions.
Signed-off-by: Pierre Chifflier <chifflier@inl.fr>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This patch updates the behaviour of the NFLOG input plugin to fix an
issue related to kernel older than 2.6.29. The call to nflog_bind_pf()
that can be necessary to receive packet from the nfnetlink_log was only
done if the used group was 0 (system logging). This is logic for the
newest kernel (NFLOG really sends message to nfnetlink_log and not to
the nf_log logger). But this is unsufficient for older one. By forcing
the binding with the new configuration variable bind, it is now possible
to trigger the binding from the ulogd2 configuration file. This gives
users a way to be sure that ulogd will receive packets if the NFLOG
input plugin is used.
|
| |
|
|
|
| |
Signed-off-by: Thomas Jacob <jacob@internet24.de>
Signed-off-by: Eric Leblond <eric@inl.fr>
|
| |
|
|
|
|
| |
Valgrind messages are obscur when the plugins are unloaded. This patch
adds a macro that can be used to desactivate unloading. To use it, you
have to specify 'CPPFLAGS=-DDEBUG_VALGRIND' on configure line.
|
| |
|
|
|
| |
This patch fixes a memory leak in the destructor function which was not
releasing the memory allocated for each connection tracking entry.
|
| |
|
|
| |
This patch modifies ulogd2 to have it free the stacks when leaving.
|
| |
|
|
|
| |
This patch adds the config_stop function which is in charge of releasing
ressources allocated for configuration file parsing.
|
| |
|
|
|
| |
This patch adds unloading of plugins (call dlclose()) in ulogd2. This
make valgrind happy and will be useful for daemon live reconfiguration.
|
| |
|
|
|
| |
This patch modifies ulogd to intercept SIGINT signal
and quit nicely when this signal is received.
|
| |
|
|
|
|
| |
The stop function of plugin was not called when ulogd2 was
preparing to quit. This patch adds a call to stop for all
plugins in each stack and free pluginstance.
|
| |
|
|
| |
This patch fix a minor memory leak at NFLOG plugin exit.
|
| |
|
|
|
| |
If we free pluginstance in the stop function we won't
be able to iter anymore on the stack linked list.
|
| |
|
|
|
| |
This patch fixes some crashes in NFCT plugin that were triggered
by the call of the destructor_nfct function (during stop).
|
| |
|
|
|
| |
gcc was warning that the return of the nice function should
be treated. This patch adds an error message in case of failure.
|
| |
|
|
|
|
|
|
| |
This patch adds support for SCTP in the MySQL and PGSQL
output plugins. It adds a dedicated SCTP table and modifies
the insert_packet_full procedure.
Signed-off-by: Eric Leblond <eric@inl.fr>
|
| |
|
|
|
|
| |
This patch modifies PRINTPKT plugin to add SCTP support.
Signed-off-by: Eric Leblond <eric@inl.fr>
|
| |
|
|
|
|
| |
THis patch adds basic support for SCTP in the BASE plugin.
Signed-off-by: Eric Leblond <eric@inl.fr>
|
| |
|
|
|
|
|
|
| |
Document the fact that group 0 is used by system logging and
update stack and plugin definition to match the suppression
of the address_family variable.
Signed-off-by: Eric Leblond <eric@inl.fr>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The addressfamily configuration variable for NFLOG is used as param
for nflog_bind_pf. This function is used to claim the fetching of
kernel message sent via nf_log_packet() function.
As all kernel messages are sent to the group 0, it is useless to
call nflog_bind_pf when nflog group of the input plugin is not 0.
Furthermore, as only one plugin can be bound to nflog group 0, it
is mandatory to call nflog_bind_pf for all pf family when the group
is 0.
To sum up, this patch suppress the adressfamily parameter (which
simplify the configuration file) and call nflog_bind_pf for all
pf family when the nflog group of the instance is 0.
Signed-off-by: Eric Leblond <eric@inl.fr>
|
| |
|
|
|
|
|
|
|
| |
The nflog_bind_pf function was called for each NFLOG instance. This patch
modifies the behaviour to have it call if and only if the nfgroup is set
to 0. As the kernel uses only the 0 group to output subsystem messages,
this change clarify the situation.
Signed-off-by: Eric Leblond <eric@inl.fr>
|
| |
|
|
|
|
|
|
|
| |
This patch cleans up the current key assignation by introducing a
set of functions ukey_* to set the key value as Eric Leblond and
we discussed during the latest Netfilter Workshop. This patch is
based on an idea from Holger Eitzenberger.
Signed-off-by: Eric Leblond <eric@inl.fr>
|
| |
|
|
|
|
|
|
|
| |
libdbi implements a database-independent abstraction layer in C, similar to
the DBI/DBD layer in Perl.
This module brings support for all database types supported by libdbi.
Signed-off-by: Pierre Chifflier <chifflier@inl.fr>
Signed-off-by: Eric Leblond <eric@inl.fr>
|
| |
|
|
|
|
|
|
| |
libdbi is a database-independent abstraction layer in C, similar
to the DBI/DBD layer in Perl.
Signed-off-by: Pierre Chifflier <chifflier@inl.fr>
Signed-off-by: Eric Leblond <eric@inl.fr>
|
| |
|
|
|
|
|
|
| |
Explicitly link with libpthread. This allows to run ulogd within gdb,
else it fails with message: Cannot find new threads: generic error
Signed-off-by: Pierre Chifflier <chifflier@inl.fr>
Signed-off-by: Eric Leblond <eric@inl.fr>
|
| |
|
|
|
|
|
|
|
| |
When len is 0 (for ex. when the input mac is NULL), parse_mac2str tries
to calloc a 0-bytes bloc, which leads to a conditional jump based
on uninitialized value (spotted by valgrind).
Signed-off-by: Pierre Chifflier <chifflier@inl.fr>
Signed-off-by: Eric Leblond <eric@inl.fr>
|
| |
|
|
|
|
|
| |
This patch removes NFLOG_RMEM_DEFAULT which is a reminiscent of the
initial development of NFLOG which is based on the ULOG plugin.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
| |
|
|
|
|
|
| |
This patch removes useless checkings.
Signed-off-by: Pierre Chifflier <chifflier@inl.fr>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
| |
|
|
|
|
|
| |
MAC2STR has been renamed to HWHDR.
Signed-off-by: Pierre Chifflier <chifflier@inl.fr>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
| |
|
|
|
|
|
| |
This fixes a segfault when RAW_MAC key is NULL in MAC2STR plugin.
Signed-off-by: Pierre Chifflier <chifflier@inl.fr>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
