| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
|
|
|
|
|
|
|
|
|
|
| |
This patch adds an optional ring buffer option which modify
the way database queries are made. The main thread is only handling
kernel message reading and query formatting. The SQL request is made
in a separate dedicated thread.
The idea is to try to avoid buffer overrun by minimizing the time
requested to treat kernel message. Doing synchronous SQL request, as
it was made before was causing a delay which could cause some messages
to be lost in case of burst from kernel side.
|
|
|
|
|
| |
Use an offset approach to get the start of values printing area. It
is more generic and will be use soon.
|
|
|
|
|
| |
The field is currently only used in a single function as a string
pointer and can thus be removed from the db instance structure.
|
|
|
|
|
|
|
| |
This patch is adding a mechanism to store query in a backlog build
in memory. This allow to store events during downtime in memory and
realize the effective insertion when the database comes back.
A memory cap is used to avoid any memory flooding.
|
|
|
|
| |
Nullify sqlite3 handler at deinit.
|
|
|
|
| |
Nullify mysql handler at deinit.
|
|
|
|
| |
Clean postgresql handler at deinit.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ulogd has automagic deps for several output plugins right now, namely dbi,
pcap and sqlite3. These plugins are built if the appropriate libs are present
on user's system. While this situation is fine with binary distros it is not OK
on source-based ones such as Gentoo.
The problem arises when such a program links against libs without user's
request and libs are later removed from system which leaves program in a
broken state.
This patch is modifying configure.ac which we apply in our package and which
fixes mentioned issue. It adds 3 new configure options: --
without-{dbi,pcap.sqlite}. I would like to emphasize that this patch doesn't
change default behaviour of configure script at all, so all other distros won't
suffer. We simply add options to explicitly disable any attempts to try and
detect libs for automagic deps, which is enough to avoid unnecessary linkage.
|
| |
|
|
|
|
|
|
|
| |
This reverts commit 3179bd4de89de7c2388849f5bc48e8f5aad9e5b9.
Pointing to the wrong place. This is not the file descriptor
that ulogd is leaking.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Joan Touzet reported that file descriptor 3 was not ever closed
in the exit path of the parent process:
open("ulogd.conf", O_RDONLY) = 3
That corresponds to the the file descriptor that was used to
parse the configuration file was not closed.
This closes: http://bugzilla.netfilter.org/show_bug.cgi?id=793
Reported-by: Joan Touzet <joant@cloudant.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
| |
The "registering plugin" message is not really useful as the message
is really explicit if a plugin is missing.
|
|
|
|
|
|
|
| |
If conntrack object sent by connection tracking system is containing
a timestamp we use it instead of a gettimeofday() based counter.
Signed-off-by: Eric Leblond <eric@regit.org>
|
|
|
|
|
| |
Update release number and delete Changes file because we can use
git changelog fot that.
|
|
|
|
| |
Get rid of ULOG only documentation and adds some new stuffs.
|
| |
|
| |
|
|
|
|
|
| |
When an argument or a line is too long, it can not be store
into ulogd configuration and this must results in a error.
|
| |
|
|
|
|
|
| |
This patch adds a call to access to check the readability of the
configuration file.
|
| |
|
|
|
|
| |
Try to sync TODO with real state of the project.
|
|
|
|
|
|
|
|
| |
It seems a cast of time_t is needed for i386 system to avoid a
crash. I've added a cast to uint64_t that should be ok on all
Linux system.
Reported-by: netfilter@openenterprise.co.uk
|
|
|
|
| |
Recently introduced addr.h was missing from Makefile.am.
|
| |
|
|
|
|
|
| |
clang is complaining about missing = being a gnu extension. This
patch adds equal sign to fix the warning.
|
| |
|
|
|
|
|
| |
It seems Z is a libc5 only format modifier. Using standard 'z'
instead.
|
|
|
|
| |
This patch also update some copyright and licence declaration.
|
|
|
|
|
|
| |
This patch adds a '-l' option which can be used to setup ulogd
loglevel. Command line option has precedence on the configuration
file one.
|
|
|
|
|
|
| |
This patch adds a flag to the config_entry structure to be able to
tune setup. First usage is to ask config parser not to update a key
if it has been already set.
|
|
|
|
|
| |
If can be painful to have to check the logfile, so this patch adds
a '-v' option which display logs message to stderr.
|
|
|
|
|
| |
This patch fixes a compilation warning related to a signed and
unsigned integer comparison.
|
|
|
|
|
|
|
| |
This patch adds a new configuration variable which is used to limit
conntrack event to connection of these protocols:
For example:
accept_proto_filter=tcp,sctp
|
|
|
|
|
|
|
| |
This patch implements two filtering options in NFCT input plugin.
If 'accept_src_filter' is set to a network it will only catch the
event where the source is that specific network. 'accept_dst_filter'
does the same for the destination.
|
| |
|
|
|
|
|
| |
nfctp_callback_register was called on the regular handler instead
of begin called on the newly opened handler dedicated to the dump.
|
|
|
|
|
|
|
| |
Graphite is a web application which provide real-time visualization
and storage of numeric time-series data. This patch adds a module
named GRAPHITE which sends NFACCT accounting data to a graphite
server.
|
| |
|
|
|
|
|
| |
Rename internal keyname ip6.payload_len to remove "_"
to facilitate this.
|
|
|
|
| |
Add 'schema' variable to look into corresponding schema.
|
|
|
|
| |
Mask should be applied after ntohl conversion.
|
|
|
|
|
|
|
|
| |
The flags retrieved from `pkg-config --cflags ...` are generally only
preprocessor flags (mostly -I to point to the directories), since
anything else would inconvenience downstream users.
Signed-off-by: Jan Engelhardt <jengelh@inai.de>
|
|
|
|
|
|
|
|
| |
There is no harm in putting the includes in the global AM_CPPFLAGS;
this can generally save number of compilations of a file when a
source file is used multiple times.
Signed-off-by: Jan Engelhardt <jengelh@inai.de>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes this error:
make[3]: Entering directory "/home/jengelh/code/ulogd2/output"
CC ulogd_output_XML.lo
ulogd_output_XML.c:31:49: fatal error:
libnetfilter_acct/libnetfilter_acct.h: No such file or directory
(Note that pkgconfig-provided cflags are actually cppflags, so
I add ${LIBNETFILTER_ACCT_CFLAGS} to AM_CPPFLAGS.)
Signed-off-by: Jan Engelhardt <jengelh@inai.de>
|
|
|
|
|
|
|
|
|
| |
/usr/share/automake-1.12/am/ltlibrary.am: warning:
'ulogd_output_SQLITE3.la': linking libtool libraries using a non-POSIX
archiver requires 'AM_PROG_AR' in 'configure.ac'
(one for each .la)
Signed-off-by: Jan Engelhardt <jengelh@inai.de>
|
|
|
|
|
|
| |
Inclusion of libnetfilter_acct.h is not enough as the integer type
definition are not included in the header. So if NFCT is disable, the
compilation fails.
|
| |
|
|
|
|
|
| |
This patch modifies configure to display the list of plugins that
will be built.
|
| |
|