| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
| |
Some uClibc-based toolchains lack threading support, so use
AC_SEARCH_LIB instead of AC_CHECK_LIB to check for libpthread
availability and link conditionally if found since it's only used for
the database backends.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
|
|
|
|
|
|
|
|
| |
This patches update the daemonization code. It is done earlier and
it uses the daemon(à function which is used for daemonization by
most projects.
Signed-off-by: Eric Leblond <eric@regit.org>
|
|
|
|
|
|
|
|
|
|
| |
This patch improves latest patch by splitting in two part the pid
file creation. This allows to display a message to stdout when
ulogd can not be started. Another linked improvement is that the
plugin initialization is not done if the pid file existence will
result in a ulogd exit.
Signed-off-by: Eric Leblond <eric@regit.org>
|
|
|
|
|
|
|
|
| |
The deamon currently does not have the ability to write a PID file to track its
process ID. This is very useful to an init script and to ensure there is only
one running instance. This patch implements this functionality.
Signed-off-by: Chris Boot <bootc@bootc.net>
|
|
|
|
|
|
|
|
| |
The daemon code currently tries to nice(-1) just after having given up root
privileges, which fails. This patch moves the nice(-1) call to just before
the code that gives up the required privileges.
Signed-off-by: Chris Boot <bootc@bootc.net>
|
|
|
|
|
|
|
|
|
|
|
| |
This patch adds an optional ring buffer option which modify
the way database queries are made. The main thread is only handling
kernel message reading and query formatting. The SQL request is made
in a separate dedicated thread.
The idea is to try to avoid buffer overrun by minimizing the time
requested to treat kernel message. Doing synchronous SQL request, as
it was made before was causing a delay which could cause some messages
to be lost in case of burst from kernel side.
|
| |
|
|
|
|
|
|
|
| |
This reverts commit 3179bd4de89de7c2388849f5bc48e8f5aad9e5b9.
Pointing to the wrong place. This is not the file descriptor
that ulogd is leaking.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Joan Touzet reported that file descriptor 3 was not ever closed
in the exit path of the parent process:
open("ulogd.conf", O_RDONLY) = 3
That corresponds to the the file descriptor that was used to
parse the configuration file was not closed.
This closes: http://bugzilla.netfilter.org/show_bug.cgi?id=793
Reported-by: Joan Touzet <joant@cloudant.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
| |
The "registering plugin" message is not really useful as the message
is really explicit if a plugin is missing.
|
|
|
|
|
| |
When an argument or a line is too long, it can not be store
into ulogd configuration and this must results in a error.
|
|
|
|
|
| |
This patch adds a call to access to check the readability of the
configuration file.
|
| |
|
|
|
|
| |
This patch also update some copyright and licence declaration.
|
|
|
|
|
|
| |
This patch adds a '-l' option which can be used to setup ulogd
loglevel. Command line option has precedence on the configuration
file one.
|
|
|
|
|
|
| |
This patch adds a flag to the config_entry structure to be able to
tune setup. First usage is to ask config parser not to update a key
if it has been already set.
|
|
|
|
|
| |
If can be painful to have to check the logfile, so this patch adds
a '-v' option which display logs message to stderr.
|
|
|
|
|
| |
This patch fixes a compilation warning related to a signed and
unsigned integer comparison.
|
| |
|
|
|
|
|
|
|
|
| |
Include Eric and myself in the copyright notice and the AUTHORS file
since we're the most recurrent contributors (of course, after the
original author of this software, Harald Welte).
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
| |
It was wrong, use VERSION constant which uses the version
information available in configure.ac.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
| |
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
| |
The variable contains global libraries linked into every possible
object, which is unwanted. Clean up things.
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
|
|
|
|
|
|
|
|
|
|
|
| |
This patch adds reference counting for plugins. This is used to fix
a double stop for input plugins that are reused.
This problem was reported by Salih Gonullu <sag@open.ch>:
http://marc.info/?l=netfilter&m=129439584700693&w=2
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
|
| |
We must not override CFLAGS, because that will break when the user
overrides CFLAGS again at make time (which he is entitled to). So,
name our CFLAGS regular_CFLAGS, and also include that across all
Makefiles so that they are actually uesd for all the code.
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
|
|
|
|
| |
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
|
|
|
|
|
|
|
|
|
|
| |
This patch fixes a bug that makes ulogd loops forever while
propagating inputs to the output plugin. It is reproducible
if you re-use three or more plugin instances. The problem is
that the parameters in the list addition are in incorrect
order.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
|
| |
This patch fixes the following error that is displayed if we send
SIGHUP to reopen the logfile:
ulogd.c:904 select says Interrupted system call
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
| |
This patch replaces the existing hashtable implementation with
a newer that provide better performance since it reduces the
number of hash computations.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
| |
This patch remove -lpthread that was introduced time ago to
workaround a problem in gdb.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
|
|
| |
Split the 'resolve keys' step in two parts: first call the configure
fonction for all plugins (in reverse order), then loop again
to resolve the keys.
This allows dynamic construction of the input and output keys, even
for filter plugins.
Signed-off-by: Pierre Chifflier <chifflier@inl.fr>
|
|
|
|
|
| |
This patch adds a "optional" keyword to description of input key which are
optional when --info is used to dump information about a plugin.
|
|
|
|
|
|
| |
install-sh is autogenerated.
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
|
|
|
|
|
| |
This patch adds the display of the used logging file to look at if there
is a critical error.
|
|
|
|
|
|
| |
Valgrind messages are obscur when the plugins are unloaded. This patch
adds a macro that can be used to desactivate unloading. To use it, you
have to specify 'CPPFLAGS=-DDEBUG_VALGRIND' on configure line.
|
|
|
|
| |
This patch modifies ulogd2 to have it free the stacks when leaving.
|
|
|
|
|
| |
This patch adds the config_stop function which is in charge of releasing
ressources allocated for configuration file parsing.
|
|
|
|
|
| |
This patch adds unloading of plugins (call dlclose()) in ulogd2. This
make valgrind happy and will be useful for daemon live reconfiguration.
|
|
|
|
|
| |
This patch modifies ulogd to intercept SIGINT signal
and quit nicely when this signal is received.
|
|
|
|
|
|
| |
The stop function of plugin was not called when ulogd2 was
preparing to quit. This patch adds a call to stop for all
plugins in each stack and free pluginstance.
|
|
|
|
|
| |
This patch fixes some crashes in NFCT plugin that were triggered
by the call of the destructor_nfct function (during stop).
|
|
|
|
|
| |
gcc was warning that the return of the nice function should
be treated. This patch adds an error message in case of failure.
|
|
|
|
|
|
|
|
| |
Explicitly link with libpthread. This allows to run ulogd within gdb,
else it fails with message: Cannot find new threads: generic error
Signed-off-by: Pierre Chifflier <chifflier@inl.fr>
Signed-off-by: Eric Leblond <eric@inl.fr>
|
|
|
|
|
|
|
| |
This patch fixes some improper initialization in ulogd.c.
Signed-off-by: Eric Leblond <eric@inl.fr>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
| |
This patch fixes the warning related to signed and unsigned comparaison.
Signed-off-by: Eric Leblond <eric@inl.fr>
|
|
|
|
|
|
|
|
|
| |
This patch fixes some gcc warnings:
* Unused variables
* Functions with wrong return (or without return)
Signed-off-by: Eric Leblond <eric@inl.fr>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
| |
The config file parsing was not able to parse integer given in hex notation.
This patch modify the parsing of configfile to be able to use different
integers notation.
Signed-off-by: Eric Leblond <eric@inl.fr>
|
|
|
|
|
|
|
|
|
| |
When a plugin returns ULOGD_IRET_STOP, the propagation should
stop. This was not the case as break was used to do so but it was called
inside a switch and thus apply to the switch instruction and not to
the llist iteration.
Signed-off-by: Eric Leblond <eric@inl.fr>
|
|
|
|
| |
crash due to ulogd_logfile set to a string allocated on stack by config_parse_file
|
|
|
|
|
|
|
|
| |
This patch introduces a generic hashtable to store the nf_conntrack objects.
The objects are identified by the original and reply tuples instead of the
conntrack ID which is not dumped in the event message of linux kernel < 2.6.25.
This patch also fixes the NFCT_MSG_* by NFCT_T_* which is the appropriate
message type tag.
|