From bb6bfd9c582f2eaad393803da800df5ac9aa0a9f Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Mon, 2 Jun 2008 01:38:52 +0200
Subject: improve overrun handling NFLOG

This patch improves the overrun handling. The NFLOG plugin duplicates the
netlink buffer size if the size does not goes after the upper boundary.
This patch also introduces two new clauses, the netlink_socket_buffer_size
and netlink_socket_buffer_maxsize that set the size of the netlink socket
buffer.
---
 ulogd.conf.in | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'ulogd.conf.in')

diff --git a/ulogd.conf.in b/ulogd.conf.in
index a63026a..be5e585 100644
--- a/ulogd.conf.in
+++ b/ulogd.conf.in
@@ -94,6 +94,8 @@ plugin="@libdir@/ulogd/ulogd_raw2packet_BASE.so"
 [log1]
 # netlink multicast group (the same as the iptables --nflog-group param)
 group=0
+#netlink_socket_buffer_size=217088
+#netlink_socket_buffer_maxsize=1085440
 
 # IPv6 logging through NFLOG
 [log2]
-- 
cgit v1.2.3