From 4bc3b22e426db1e592071ec2853fbd81525d4a61 Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Mon, 5 Mar 2012 23:57:44 +0100
Subject: NFCT: add `reliable' config option to enable reliable flow-based
 logging

Reliability comes at the cost of dropping new flows if the
destroy event that ctnetlink delivers to us is lost. Under
heavy stress this may imply dropping packets, you've been
warned.

If you do want not to lose one single flow-logging information,
enable this.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 ulogd.conf.in | 1 +
 1 file changed, 1 insertion(+)

(limited to 'ulogd.conf.in')

diff --git a/ulogd.conf.in b/ulogd.conf.in
index b33e69c..cf6987b 100644
--- a/ulogd.conf.in
+++ b/ulogd.conf.in
@@ -122,6 +122,7 @@ plugin="@pkglibexecdir@/ulogd_inpflow_NFACCT.so"
 [ct2]
 #netlink_socket_buffer_size=217088
 #netlink_socket_buffer_maxsize=1085440
+#reliable=1 # enable reliable flow-based logging (may drop packets)
 hash_enable=0
 
 # Logging of system packet through NFLOG
-- 
cgit v1.2.3