| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
Rename internal keyname ip6.payload_len to remove "_"
to facilitate this.
|
|
|
|
|
|
| |
It seems that some version of MySQL were more delicate about comment
in procedure. THis patch fixes a problem with a procedure comment
and fix the inner code which was not using the correct variable.
|
|
|
|
|
|
|
| |
The use of delimiter was not correct in the MySQL schema. This patch
fixes this issue my correctly switching from ";" to "$$" when needed.
Based on a patch by Bruno Friedmann <bruno@ioda-net.ch>
|
|
|
|
|
|
|
|
| |
This patch adds support for SCTP in the MySQL and PGSQL
output plugins. It adds a dedicated SCTP table and modifies
the insert_packet_full procedure.
Signed-off-by: Eric Leblond <eric@inl.fr>
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch adds support for logging the destination mac address and
raw header in the SQL databases.
In case of an ethernet header, a tuple (mac_saddr,mac_daddr,mac_proto)
is logged only once.
Signed-off-by: Pierre Chifflier <chifflier@inl.fr>
Signed-off-by: Eric Leblond <eric@inl.fr>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
|
| |
This patch modifies the SQL schema for MySQL and PostgreSQL to store
the mac address only once (instead of duplicating the mac address for
each packet). This is done by using a shared reference to the entry
containing the tuple (mac_address,mac_protocol).
Signed-off-by: Pierre Chifflier <chifflier@inl.fr>
|
|
|
|
|
|
|
| |
can be used to determine if the packet has been dropped, rejected or accepted.
The meaning of label is completely user-defined.
Signed-off-by: Eric Leblond <eric@inl.fr>
|
|
|
|
|
|
| |
Update view_tcp_quad and view_udp_quad.
Signed-off-by: Pierre Chifflier <chifflier@inl.fr>
|
| |
|
|
|
|
|
|
|
| |
accross the stack NFCT IP2BIN MYSQL.In fact IP2BIN out .bin suffixed
fields.
Signed-off-by: Eric Leblond <eric@inl.fr>
|
|
|
|
|
|
|
| |
patch also removes mac_daddr which does not provide any interesting
logging information.
Signed-off-by: Eric Leblond <eric@inl.fr>
|
|
|
|
|
|
|
| |
adds the capability to know where the packet has been logged and will be used
to make a link between connection and logged packets.
Signed-off-by: Eric Leblond <eric@inl.fr>
|
|
|
|
| |
Add Icmpv6 support to SQL schema.
|
|
|
|
|
| |
This patch adds an state extension to SQL schema. This can be used to store
the information about the packet being dropped or accepted.
|
|
|
|
|
| |
SQL standard says a function has to be called with SELECT and not CALL.
This patch modify code accordingly.
|
|
|
|
| |
This patch fixes some small typo in MySQL schema.
|
|
|
|
| |
This patch adds oob_family to the schema. Thus it is now possible to easily select IPv4 or IPv6 entries in the database. This patch also explicitly selects fields to create view.
|
|
|
|
| |
Add insert functions for the PostgreSQL version
|
|
This patch adds new SQL schema for MySQL and PGsql. The goal is to improve the one line per entry format. There is no more a big table with all fields because this sort of storage is causing bad performance (databases don't like to have a lot of NULL fields to store).
Main changes are :
* Add new schema for MySQL and PGsql
* Use call to configurable procedure in SQL OUTPUT modules
* Arguments of a procedure are given by the list of fields of a selected table
|