Version 2.00alpha (2004-Oct-03) - Total re-work. ulogd2 is almost unrelated to the ULOG netfilter target. Instead, it has become a generic logging framework for anything from firewall logs, flow-based accounting to kernel network performance statistics. Version 1.10 (2003-Oct-xx) - Change format of configuration file. Now every plugin has it's own section in the config file, making the whole parsing procedure easier - and eliminating multiple loading of .so plugins. (Magnus Boden) - Make the config file format completely syntax compatible with .ini style files - Add a new 'SYSLOG' plugin for real syslogging Version 1.02 (2003-Oct-08) - fix printout of time information in ulogd_LOGEMU.c Version 1.01 (2003-Aug-23) - use $(LD) macro in order to provide cross-compiling/linking support - add 'rmem' configuration key to set the netlink socket rmem buffsize - don't use kernel header files for IP/TCP header definitions - various cosmetic cleanup to compile with -Wall - fix usage of libmysqlclient: call mysql_init() before mysql_real_connect - don't have LOGEMU read the system time, ulogd_LOCAL.so does this already Version 1.00 (2003-Mar-06) - update documentation to reflect recent additions - renamed LOCALTIME plugin to LOCAL plugin, since it now also returns the hostname - cleanup #include statements - tcp.window is a 16bit value - always return tcp flags, even if they are not set [to not cause NULL entries in the database table - cosmetic fixes to acommodate most compiler warnings - moved location of conffile.h and ulog.h - big update to ulogd_PGSQL.c - more verbose error reporting when unable to load plugin - print usage information - add '--configfile' directive to allow multiple instances with multiple configfiles Version 0.98 - Fix MAC address printing if there is none (by Andrej Ota) - Add PostgreSQL support by Jakab Laszlo - Add Version Number (-V) commandline option - Make MYBUFSIZ a runtime config directive (Bogdan Dobrota) - Fix daemonize function (call setsid() and close stdin) - Add ulogd_PCAP output plugin (to use ethereal/tcpdump/... on the logs) - Update documentation to reflect kernel inclusion of ipt_ULOG module - Add ulogd_LOCALTIME 'interpreter' for providing the timestamp at the time of logging (Florent Aide) - Fix ulogd_LOGEMU 'PROTO=' printing in case of unknown l4 protocol - Add support for non-forking mode and logging to stderr (Alessandro Bono) Version 0.97 - added error handling after ipulog_read() to prevent endless loops Version 0.96 - support for old mysql versions (Alexander Janssen) - support for dotted-quad IP addresses in MySQL (Alexander Janssen) - added support for synchronous write to LOGEMU (Michael Stolovitzsky) - autoconf now checks for mysql .so libraries instead of static .a - autoconf now includes /usr/src/linux/include, because most distros now have a glibc-provided /usr/include/linux :( - removed ./configure from CVS tree as it may cause inconsistencies - better commented example configuration file - Makefiles now know DESTDIR (for RPM packaging) - documentation now built at release-time, not compile time - support for logfile-rotating, using new SIGHUP handler Version 0.95 - libipulog problems of 0.94 fixed - 1.0 now really soon Version 0.94 - fixed stupid build problem because of missing libipulog (i'll never try to be intelligent again ;)) Version 0.93 - fixes logfile bug: wrong filename and line numbers printed - fixes config file parsing, new generic get_word() in conffile.c - fixes bug in ulogd_LOGEMU.c on big-endian systems - fixes segfault when packet received but no interpreters registered (reported by Drori Ghiora) - sigterm handler installed for clean shutdown - logfile now fflush()ed after each line printed - ulogd_LOGEMU now prints date and hostname, just as syslog does Version 0.92 - fixes libipulog loop-bug (reported by Drori Ghiora) Version 0.91 - changes for new kernel ULOG. Includes support for multilink netlink messages. Version 0.9 - configuration file routines - plugins are able to register new configfile keys - new MYSQL output plugin - new syslog compatibility output plugin Version 0.3 - new PWSNIFF interpreter plugin - verbose error reporting Version 0.2 - real daemon, we are forking now