| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
|
|
|
|
| |
This patch fixes the type of some fields in the SQL schema to sync
with datatype of the corresponding ulogd2 keys.
|
|
|
|
| |
Description of ULOGD_RET_IPADDR was incorrect in information display mode.
|
|
|
|
|
| |
This patch adds an state extension to SQL schema. This can be used to store
the information about the packet being dropped or accepted.
|
|
|
|
|
| |
SQL standard says a function has to be called with SELECT and not CALL.
This patch modify code accordingly.
|
|
|
|
| |
This patch fixes some small typo in MySQL schema.
|
|
|
|
| |
This patch adds oob_family to the schema. Thus it is now possible to easily select IPv4 or IPv6 entries in the database. This patch also explicitly selects fields to create view.
|
|
|
|
|
| |
Change from procedure to function in mysql schema adds the need to free MySQL
result after request.
|
|
|
|
|
| |
With this patch, BASE filter module is able fill oob_family when parsing IPv6
address.
|
|
|
|
| |
OOB_FAMILY output was not set by NFLOG because the key was not set as valid.
|
|
|
|
| |
Fix a bug in IPv4 output of IP2BIN module.
|
|
|
|
|
| |
MySQL need no to be able to print RAW data to be able to display
IP addresses.
|
|
|
|
| |
Fix description and indenting (cleanups)
|
|
|
|
|
| |
This module convert IP from internal notation to a string in binary notation
which is used by the MySQL output plugin.
|
|
|
|
| |
Mark ID as inactive (sequence in pg schema)
|
|
|
|
| |
Fix incorrect options for PGsql module.
|
|
|
|
|
| |
- This patch suppress key relative to IPv6 address because IPv4 and IPv6 can be stored in the same key.
- Add missing IP2STR line to ulogd.conf.in
|
|
|
|
| |
This module is a generic module which is used to convert an IP from internal representation to string representation. This is a task needed by several modules like printpkt or pgsql. This module factorizes the code.
|
|
|
|
| |
MySQL client library does not reconnect automatically since 5.0.
|
|
|
|
| |
Request at least autoconf 2.50 (needed for large file support macro).
|
|
|
|
|
| |
Display filename in the other error case.
Based on Marius Tomaschewski work.
|
|
|
|
|
| |
Changed to show pcap file name when open failed.
Based on Marius Tomaschewski work.
|
|
|
|
|
| |
Put O at the real end of the string.
Based on Marius Tomaschewski work.
|
|
|
|
|
| |
Add some missing line break.
Based on Marius Tomaschewski work.
|
|
|
|
|
| |
For OPRINT, changed sighup_handler_print to fallback to continue using old descriptor on new file opening failure.
Based on Marius Tomaschewski work.
|
|
|
|
|
| |
Added explicit null termination of the hostname buffer
This patch is a backport of Marius Tomaschewski <mt@suse.de> work on ulogd.
|
|
|
|
|
|
| |
Changed sighup_handler_print to fallback to continue using old descriptor on new file opening failure.
This patch is a backport of Marius Tomaschewski <mt@suse.de> work on ulogd.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It is difficult to find how to configure a plugin. This patch adds an info
option which can be used to display:
* Name
* Configuration variables
* Input keys
* Output keys
Output example:
/opt/ulogd2/sbin/ulogd --info /opt/ulogd2/lib/ulogd/ulogd_filter_IFINDEX.so
Name: IFINDEX
Input keys:
Key: oob.ifindex_in (unsigned int 32)
Key: oob.ifindex_out (unsigned int 32)
Output keys:
Key: oob.in (string)
Key: oob.out (string)
|
|
|
|
|
| |
This patch update the printflow output module to be able to print a
whole conntrack entry on a single line.
|
|
|
|
| |
This patch clarifies code which will be modified in next patch.
|
|
|
|
| |
Add insert functions for the PostgreSQL version
|
|
|
|
|
|
|
|
|
| |
This patch adds new SQL schema for MySQL and PGsql. The goal is to improve the one line per entry format. There is no more a big table with all fields because this sort of storage is causing bad performance (databases don't like to have a lot of NULL fields to store).
Main changes are :
* Add new schema for MySQL and PGsql
* Use call to configurable procedure in SQL OUTPUT modules
* Arguments of a procedure are given by the list of fields of a selected table
|
|
|
|
| |
renice to -1 on startup
|
|
|
|
| |
conffile cleanup, use common pr_debug()
|
|
|
|
| |
add common.h
|
|
|
|
| |
Add NACCT output plugin
|
|
|
|
|
|
|
|
|
|
| |
The following patch fixes MySQL and Pgsql output modules.
The callback function was not correctly initialized and this was leading
to a crash by calling the a NULL function. This patch correctly inits
the callback.
Eric Leblond <eric@inl.fr>
|
|
|
|
|
|
|
| |
The following patch fixes some indenting and typo in various ulogd2
files.
Eric Leblond <eric@inl.fr>
|
|
|
|
|
|
|
|
|
| |
This patch stores the converted values from the configuration file
into the syslog instance structure.
Otherwise configuration parameters are senseless and only the
default values will be used.
Signed-off-by: Peter Warasin <peter@endian.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is a workaround which prevents ulogd from logging each
time when recvfrom() returns error because of EAGAIN.
Since the netlink socket is now O_NONBLOCK, we probably run
into the following bug:
http://bugzilla.kernel.org/show_bug.cgi?id=5498
which causes recvfrom() get an error when select() had a good
return, whenever select() receives a packet with a bad checksum.
ipulog_read() always has this problem once after every successful
ipulog_read().
Signed-off-by: Peter Warasin <peter@endian.com>
[Note: this is not a workaround but correct handling of EAGAIN
on a non-blocking socket. -Patrick]
|
|
|
|
|
|
|
|
| |
This patch logs also the string representations ipulog:_strerror()
and strerror() when an error occurred during receivement of packets
within the ULOG plugin
Signed-off-by: Peter Warasin <peter@endian.com>
|
|
|
|
|
|
|
| |
Stores mac_len correctly, since within ULOG structire it is not stored
in network byte order.
Signed-off-by: Peter Warasin <peter@endian.com>
|
|
|
|
|
|
|
|
| |
When [global]'s logfile is syslog, ulogd should log it's own
mesasages (not the firewall log lines) to syslog, which it
does'nt because openlog() is missing. This patch adds openlog()
Signed-off-by: Peter Warasin <peter@endian.com>
|
|
|
|
|
|
|
| |
The ULOG input plugin of ulogd2 was not working. This patch fixes this
and cleans the code via introduction of an enum.
Eric Leblond <eric@inl.fr>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch adds an enum to get rid of access to array via numerical
index in NFLOG input plugin.
This replaces code like:
ret[0].flags |= ULOGD_RETF_VALID;
ret[11].u.value.ui16 = ntohs(hw->hw_addrlen);
with:
ret[NFLOG_KEY_RAW_MAC].flags |= ULOGD_RETF_VALID;
ret[NFLOG_KEY_RAW_MAC_LEN].u.value.ui16 = ntohs(hw->hw_addrlen);
which is more readable.
Eric Leblond <eric@inl.fr>
|
|
|
|
|
|
|
| |
- add a call to autoheader which is needed to compile ulogd2 from subversion.
- add a warning message to ulogd2 when it exits on error. It simply tell to look at the configuration file.
- add an empty section which is needed to have NFCT logging
working.
|
| |
|
|
|
|
|
| |
repeat by using symbolic names to make sure the assignment matches the array
index.
|
| |
|
|
|
|
| |
Leblond)
|
| |
|