| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
| |
This patch fixes a NULL dereference to the timestamp structure when
hashtable_add() fails, for example, because the hashtable is full.
Reported-by: Bernhard Schmidt <berni@birkenwald.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
| |
This reverts commit 0ff525cb0506b2c043bc9df6d7e7b486c865bc38. A stable
and clean API should be provided if we choose to offer for external
module capability.
|
|
|
|
|
| |
This patch documents the "procedure" option in the database
plugin configurations.
|
|
|
|
|
|
|
| |
When procedure begins with INSERT* (without space), it considers it as an
INSERT statement.
Signed-off-by: Romain Bignon <romain@inl.fr>
|
|
|
|
|
| |
This patch modifies the procedure name parsing to be able to specify a
complete INSERT command.
|
|
|
|
|
|
|
|
|
|
| |
Split the 'resolve keys' step in two parts: first call the configure
fonction for all plugins (in reverse order), then loop again
to resolve the keys.
This allows dynamic construction of the input and output keys, even
for filter plugins.
Signed-off-by: Pierre Chifflier <chifflier@inl.fr>
|
|
|
|
|
| |
This patch modifies Makefile.am to install the headers needed for
compilation of plugins outside of the source tree.
|
|
|
|
|
| |
This patch adds config.h inclusion in ulogd.h to be able to use all
defined value in the whole project.
|
|
|
|
| |
This patches frees an allocated buffer when ulogd is quitting.
|
|
|
|
|
| |
This patch adds support for AF_BRIDGE family. It synchronizes code of
IP2BIN module with the one of IP2STR.
|
|
|
|
|
| |
This patch suppresses all allocation and use a statically
created array instead.
|
|
|
|
|
| |
This patch suppresses explicit allocation and free for each packet and use
a statically created array instead.
|
|
|
|
|
| |
This patch suppresses explicit allocation and free for each packet
and use a statically created array instead.
|
|
|
|
|
| |
This patch modifies the interp function to avoid to do an explicit
allocation of memory.
|
|
|
|
|
| |
Timeout unit is 10ms and not 1ms. This patch fixes an invalid comment
in the configuration file.
|
|
|
|
| |
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
| |
This patch deletes the overrun timer in the destructor function.
|
|
|
|
|
| |
The oob_protocol does not fit into a smallint (IPv6 case for example).
This patch switches the length of the related field to an integer.
|
|
|
|
|
| |
This patch adds support for setting NFLOG threshold and timeout
from ulogd.
|
|
|
|
| |
This patch affect type and flag to PCAP input key.
|
|
|
|
|
| |
This patch adds a "optional" keyword to description of input key which are
optional when --info is used to dump information about a plugin.
|
|
|
|
|
| |
This patch fixes autotools warning about deprecated usage of INCLUDES in
Makefile.am.
|
|
|
|
|
|
|
| |
Some constructs in there are old-fashioned. Replace them by their
modern counterparts.
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
|
|
|
|
|
|
|
|
| |
libtoolize: Consider adding `AC_CONFIG_MACRO_DIR([m4])' to configure.ac and
libtoolize: rerunning libtoolize, to keep the correct libtool macros in-tree.
libtoolize: Consider adding `-I m4' to ACLOCAL_AMFLAGS in Makefile.am.
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
|
|
|
|
|
|
|
| |
The modules are pretty much bound to ulogd, and it does not seem
to make sense to specially version these.
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
|
|
|
|
|
|
| |
install-sh is autogenerated.
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
|
|
|
|
|
|
|
|
|
| |
ulogd_inpflow_NFCT.c: In function 'propagate_ct':
ulogd_inpflow_NFCT.c:483: error: 'IPPROTO_UDPLITE' undeclared (first use in this function)
(and more for IPPROTO_SCTP)
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
|
|
|
|
|
| |
This patch fixes a incorrect computing of the allocation size
of a string.
|
|
|
|
|
| |
Incorrect definition of a IPv6 input key handling function was causing
a crash in ulogd.
|
|
|
|
|
| |
This patch adds the display of the used logging file to look at if there
is a critical error.
|
|
|
|
|
| |
This patch replaces all MAC2STR occurences by HWHDR to sync with the
renaming of the plugin.
|
|
|
|
|
|
|
| |
This schema is designed for performance, by putting all fields in a
single table. It should be used in combination with plain INSERT.
Signed-off-by: Pierre Chifflier <chifflier@inl.fr>
|
|
|
|
|
|
|
| |
This schema is designed for performance, by putting all fields in a
single table. It should be used in combination with plain INSERT.
Signed-off-by: Pierre Chifflier <chifflier@inl.fr>
|
|
|
|
|
|
|
|
| |
This patch allows to connect to the server using the local (unix) socket,
thus not using a network socket and SSL encryption.
Local connection is used if host parameter is omitted or empty.
Signed-off-by: Pierre Chifflier <chifflier@inl.fr>
|
|
|
|
|
|
|
| |
Some databases (e.g Oracle) return column name in uppercase, while
key name is in lowercase. This patch allows to match keys correctly.
Signed-off-by: Pierre Chifflier <chifflier@inl.fr>
|
|
|
|
|
|
|
|
|
| |
If the procedure name specified in configuration is INSERT, than use
a regular insertion instead of a stored procedure.
This should be used when performance is needed, with a flat SQL schema,
to reduce the cost of SQL procedure calls.
Signed-off-by: Pierre Chifflier <chifflier@inl.fr>
|
|
|
|
|
|
|
| |
Constraints on TCP/UDP port number validity are useless and only slow
down insertions.
Signed-off-by: Pierre Chifflier <chifflier@inl.fr>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch updates the behaviour of the NFLOG input plugin to fix an
issue related to kernel older than 2.6.29. The call to nflog_bind_pf()
that can be necessary to receive packet from the nfnetlink_log was only
done if the used group was 0 (system logging). This is logic for the
newest kernel (NFLOG really sends message to nfnetlink_log and not to
the nf_log logger). But this is unsufficient for older one. By forcing
the binding with the new configuration variable bind, it is now possible
to trigger the binding from the ulogd2 configuration file. This gives
users a way to be sure that ulogd will receive packets if the NFLOG
input plugin is used.
|
|
|
|
|
| |
Signed-off-by: Thomas Jacob <jacob@internet24.de>
Signed-off-by: Eric Leblond <eric@inl.fr>
|
|
|
|
|
|
| |
Valgrind messages are obscur when the plugins are unloaded. This patch
adds a macro that can be used to desactivate unloading. To use it, you
have to specify 'CPPFLAGS=-DDEBUG_VALGRIND' on configure line.
|
|
|
|
|
| |
This patch fixes a memory leak in the destructor function which was not
releasing the memory allocated for each connection tracking entry.
|
|
|
|
| |
This patch modifies ulogd2 to have it free the stacks when leaving.
|
|
|
|
|
| |
This patch adds the config_stop function which is in charge of releasing
ressources allocated for configuration file parsing.
|
|
|
|
|
| |
This patch adds unloading of plugins (call dlclose()) in ulogd2. This
make valgrind happy and will be useful for daemon live reconfiguration.
|
|
|
|
|
| |
This patch modifies ulogd to intercept SIGINT signal
and quit nicely when this signal is received.
|
|
|
|
|
|
| |
The stop function of plugin was not called when ulogd2 was
preparing to quit. This patch adds a call to stop for all
plugins in each stack and free pluginstance.
|
|
|
|
| |
This patch fix a minor memory leak at NFLOG plugin exit.
|
|
|
|
|
| |
If we free pluginstance in the stop function we won't
be able to iter anymore on the stack linked list.
|
|
|
|
|
| |
This patch fixes some crashes in NFCT plugin that were triggered
by the call of the destructor_nfct function (during stop).
|
|
|
|
|
| |
gcc was warning that the return of the nice function should
be treated. This patch adds an error message in case of failure.
|