summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Get rid of SVN tag in comment.Eric Leblond2013-01-1831-70/+33
| | | | This patch also update some copyright and licence declaration.
* Add -l option to set log level from command lineEric Leblond2013-01-182-4/+15
| | | | | | This patch adds a '-l' option which can be used to setup ulogd loglevel. Command line option has precedence on the configuration file one.
* conf: add flag to allow option setup tuningEric Leblond2013-01-182-1/+6
| | | | | | This patch adds a flag to the config_entry structure to be able to tune setup. First usage is to ask config parser not to update a key if it has been already set.
* ulogd: add -v option to display message on stderr.Eric Leblond2013-01-061-8/+33
| | | | | If can be painful to have to check the logfile, so this patch adds a '-v' option which display logs message to stderr.
* addr: fix compilation warningEric Leblond2013-01-051-2/+2
| | | | | This patch fixes a compilation warning related to a signed and unsigned integer comparison.
* nfct: add protocol filterEric Leblond2013-01-052-2/+59
| | | | | | | This patch adds a new configuration variable which is used to limit conntrack event to connection of these protocols: For example: accept_proto_filter=tcp,sctp
* nfct: implement src and dst filterEric Leblond2013-01-052-2/+218
| | | | | | | This patch implements two filtering options in NFCT input plugin. If 'accept_src_filter' is set to a network it will only catch the event where the source is that specific network. 'accept_dst_filter' does the same for the destination.
* addr: add file containing addr utility functions.Eric Leblond2013-01-053-1/+132
|
* nfct: call register callback on opened handlerEric Leblond2013-01-051-1/+1
| | | | | nfctp_callback_register was called on the regular handler instead of begin called on the newly opened handler dedicated to the dump.
* Add GRAPHITE output module.Eric Leblond2012-12-273-1/+261
| | | | | | | Graphite is a web application which provide real-time visualization and storage of numeric time-series data. This patch adds a module named GRAPHITE which sends NFACCT accounting data to a graphite server.
* Add missing u64 function.Eric Leblond2012-12-211-0/+5
|
* Add additional ip6 header fields to database scriptsBob Hockney2012-12-197-31/+108
| | | | | Rename internal keyname ip6.payload_len to remove "_" to facilitate this.
* Handle postgresql schemas correctlyBob Hockney2012-12-192-4/+35
| | | | Add 'schema' variable to look into corresponding schema.
* Fix parsing of ipv6 flowlabel and tc fieldsBob Hockney2012-12-191-2/+2
| | | | Mask should be applied after ntohl conversion.
* build: move remaining preprocessor flags into CPPFLAGSJan Engelhardt2012-11-273-7/+7
| | | | | | | | The flags retrieved from `pkg-config --cflags ...` are generally only preprocessor flags (mostly -I to point to the directories), since anything else would inconvenience downstream users. Signed-off-by: Jan Engelhardt <jengelh@inai.de>
* build: avoid per-target CFLAGSJan Engelhardt2012-11-272-4/+2
| | | | | | | | There is no harm in putting the includes in the global AM_CPPFLAGS; this can generally save number of compilations of a file when a source file is used multiple times. Signed-off-by: Jan Engelhardt <jengelh@inai.de>
* build: resolve compile error due to missing nfacct CPPFLAGSJan Engelhardt2012-11-271-1/+1
| | | | | | | | | | | | | | Fixes this error: make[3]: Entering directory "/home/jengelh/code/ulogd2/output" CC ulogd_output_XML.lo ulogd_output_XML.c:31:49: fatal error: libnetfilter_acct/libnetfilter_acct.h: No such file or directory (Note that pkgconfig-provided cflags are actually cppflags, so I add ${LIBNETFILTER_ACCT_CFLAGS} to AM_CPPFLAGS.) Signed-off-by: Jan Engelhardt <jengelh@inai.de>
* build: resolve automake-1.12 warningsJan Engelhardt2012-11-271-0/+1
| | | | | | | | | /usr/share/automake-1.12/am/ltlibrary.am: warning: 'ulogd_output_SQLITE3.la': linking libtool libraries using a non-POSIX archiver requires 'AM_PROG_AR' in 'configure.ac' (one for each .la) Signed-off-by: Jan Engelhardt <jengelh@inai.de>
* XML: add missing includeEric Leblond2012-11-041-0/+2
| | | | | | Inclusion of libnetfilter_acct.h is not enough as the integer type definition are not included in the header. So if NFCT is disable, the compilation fails.
* Use PRIu64 to print unsigned 64bit intEric Leblond2012-11-042-2/+4
|
* configure: display info about build pluginsEric Leblond2012-11-041-2/+40
| | | | | This patch modifies configure to display the list of plugins that will be built.
* configure: add flag to disable NFLOG buildEric Leblond2012-11-043-4/+18
|
* configure: add flag to disable NFCT buildEric Leblond2012-11-043-2/+16
|
* configure: add flag to disable NFACCT buildEric Leblond2012-11-043-4/+17
| | | | | | It is now possible to pass the --disable-nfacct flag to disable compilation of NFACCT input plugin. Doing this the build of ulogd is possible on system where nfacct is not available.
* autoconf/ulogd: fix broken libpcap AM_CONDITIONALGustavo Zacarias2012-10-101-1/+1
| | | | | | | | The AM_CONDITIONAL lacks the opening bracket, hence it always evaluates as true, even if there's no libpcap found thus causing build breakage. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* bump version to 2.0.1ulogd-2.0.1Pablo Neira Ayuso2012-10-081-4/+4
| | | | | | | And update library dependency. Push users to upgrade to get fixes from library releases. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* ipfix: fix bracket imbalance if IPPROTO_SCTP is definedThomas Jarosch2012-08-061-0/+1
| | | | | | | Detected by cppcheck. Signed-off-by: Thomas Jarosch <thomas.jarosch@intra2net.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* src: update copyright and authors informationPablo Neira Ayuso2012-08-032-1/+5
| | | | | | | | Include Eric and myself in the copyright notice and the AUTHORS file since we're the most recurrent contributors (of course, after the original author of this software, Harald Welte). Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* filter: IP2HBIN: fix compilation warning with gcc-4.7Pablo Neira Ayuso2012-08-031-1/+0
| | | | | | | ulogd_filter_IP2HBIN.c: In function 'interp_ip2hbin': ulogd_filter_IP2HBIN.c:122:6: warning: unused variable 'fret' [-Wunused-variable] Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* ulogd.conf: slightly expand documentation on zerocounter option for nfacctPablo Neira Ayuso2012-08-031-1/+1
| | | | Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* nfacct: add timestamp optionEric Leblond2012-08-032-1/+34
| | | | | | | | | This patch adds a timestamp option to the nfacct plugin. If activated, nfacct output a timestamp which is computed just after sending the nfacct request. Signed-off-by: Eric Leblond <eric@regit.org> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* src: fix version that -V displaysPablo Neira Ayuso2012-08-0329-33/+31
| | | | | | | It was wrong, use VERSION constant which uses the version information available in configure.ac. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* input: NFCT: fix compilation warning with gcc-4.7Pablo Neira Ayuso2012-08-031-2/+0
| | | | | | | | CC ulogd_inpflow_NFCT_la-ulogd_inpflow_NFCT.lo ulogd_inpflow_NFCT.c: In function 'configure_nfct': ulogd_inpflow_NFCT.c:977:28: warning: unused variable 'cpi' [-Wunused-variable] Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* pgsql: only disable key if it starts with underscoreEric Leblond2012-08-031-2/+3
| | | | | | | | | | ulogd2 was magically making inactive the first key of description table. This patch improves this system by only doing so when the key start with an undescore. This way, system like nfacct which do not have a primary key can be implemented easily. Signed-off-by: Eric Leblond <eric@regit.org> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* pgsql schema: fix timestamp default valueEric Leblond2012-08-031-1/+1
| | | | | | | | | Set timestamp default value to now() not now which is the time at table creation. Reported-by: Mr Dash Four <mr.dash.four@googlemail.com> Signed-off-by: Eric Leblond <eric@regit.org> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* pgsql schema: add nfacct tableEric Leblond2012-08-032-0/+30
| | | | | | | | This patch adds a nfacct table to the postgresql schema. It enables the storage of all counters at each poll. Signed-off-by: Eric Leblond <eric@regit.org> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* nfacct: add variable to not zero counter after readEric Leblond2012-08-032-9/+22
| | | | | | | | | | | | The default nfacct input plugin zeroes counter after each read. This is a limitation as other software can't use the counter at the same time as ulogd2. This patch adds the zerocounter variable to the NFACCT input plugin. If set to zero, the counters are not zeroed. Signed-off-by: Eric Leblond <eric@regit.org> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* sqlite3: Add more logging if database initialization fails.Michael Tremer2012-07-231-2/+6
| | | | | Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* NFCT: fix crash in polling mode if used by two stacksEric Leblond2012-07-201-5/+5
| | | | | | | | | | | | The polling timer initialisation code was put in the configurator code. It was then created for all instances. But only first one has a valid NFCT handle. This was resulting in a crash. This patch moves the timer initialisation in the constructor which is called only once on the main NFCT instance. Signed-off-by: Eric Leblond <eric@regit.org> Reported-by: Gomathivinayagam Muthuvinayagam <sankarmail@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* output: XML: display time for NFACCTPablo Neira Ayuso2012-06-222-2/+3
| | | | | | <obj><name>test</name><pkts>00000000000000000000</pkts><bytes>00000000000000000000</bytes><hour>17</hour><min>46</min><sec>47</sec><wday>6</wday><day>22</day><month>6</month><year>2012</year></obj> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* output: XML: support for NFACCT input pluginPablo Neira Ayuso2012-06-224-5/+44
| | | | | | | | | This patch extends XML plugin to support NFACCT. You can use the following line in ulogd.conf to test it: stack=acct1:NFACCT,xml1:XML Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* src: add ULOGD_DTYPE_SUM for nfacct-based accountingPablo Neira Ayuso2012-06-223-3/+4
| | | | | | This new type will be used in flow-up patch to support XML output. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* build: require 1.0.0 of all librariesulogd-2.0.0Pablo Neira Ayuso2012-06-171-2/+2
| | | | | | | Bump library version requirement to relatively recent releases of all libraries (ie. 1.0.0 release). Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* build: bump release version to 2.0.0Pablo Neira Ayuso2012-06-171-1/+1
| | | | Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* doc: add documentation for SIGUSR2Björn Lässig2012-06-091-0/+3
| | | | | | | | | Signal SIGUSR2 makes plugin ulogd_inpflow_NFCT to * dump conntrack table * flush counters Signed-off-by: Björn Lässig <laessig@bitformer.net> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* pcap: resolve unreliable detectionJan Engelhardt2012-06-052-6/+5
| | | | | | | | | | | | pcap is not found reliably by either --with-pcap=%_prefix or --with-pcap-lib=%_libdir --with-pcap-inc=%_includedir. If you have any special paths, just use ./configure CPPFLAGS="-I/my/pcap" LDFLAGS="-L/my/pcap" (And -lpcap is already known so no need to specify that.) Signed-off-by: Jan Engelhardt <jengelh@inai.de>
* nfacct: resolve build failureJan Engelhardt2012-06-051-3/+3
| | | | | | | | | | | CC ulogd_inpflow_NFACCT_la-ulogd_inpflow_NFACCT.lo ulogd_inpflow_NFACCT.c:24:27: fatal error: libmnl/libmnl.h: No such file or directory compilation terminated. LIBS is not interchangeable with C(PP)FLAGS. Signed-off-by: Jan Engelhardt <jengelh@inai.de>
* sqlite: resolve compiler warningsJan Engelhardt2012-06-051-1/+1
| | | | | | | | | | | | | | | | In file included from /usr/include/string.h:642:0, from ulogd_output_SQLITE3.c:34: In function 'strncat', inlined from 'db_count_cols' at ulogd_output_SQLITE3.c:306:9, inlined from 'sqlite3_init_db' at ulogd_output_SQLITE3.c:328:11: /usr/include/bits/string3.h:152:3: warning: call to __builtin___strncat_chk might overflow destination buffer [enabled by default] I: Statement might be overflowing a buffer in strncat. Common mistake: BAD: strncat(buffer,charptr,sizeof(buffer)) is wrong, it takes the left over size as 3rd argument GOOD: strncat(buffer,charptr,sizeof(buffer)-strlen(buffer)-1) E: ulogd2 bufferoverflowstrncat ulogd_output_SQLITE3.c:328:11 Signed-off-by: Jan Engelhardt <jengelh@inai.de>
* build: use pkglibdir instead of pkglibexecdir for automakeBjörn Lässig2012-05-1813-36/+36
| | | | | | | | | | | This fixes the following problem while running `autoreconf -fi` `pkglibexecdir' is not a legitimate directory for `LTLIBRARIES' variable `ulogd_filter_PRINTPKT_la_SOURCES' is defined but no program or library has `ulogd_filter_PRINTPKT_la' as canonical name (possible typo) Signed-off-by: Björn Lässig <laessig@bitformer.net> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* NFCT: add `reliable' config option to enable reliable flow-based loggingPablo Neira Ayuso2012-03-052-1/+19
| | | | | | | | | | | | Reliability comes at the cost of dropping new flows if the destroy event that ctnetlink delivers to us is lost. Under heavy stress this may imply dropping packets, you've been warned. If you do want not to lose one single flow-logging information, enable this. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>