Trim down ulogd.conf
parent
d543557901
commit
7914e6462b
55
ulogd.conf
55
ulogd.conf
|
@ -7,46 +7,20 @@ logfile="syslog"
|
||||||
# loglevel: debug(1), info(3), notice(5), error(7) or fatal(8) (default 5)
|
# loglevel: debug(1), info(3), notice(5), error(7) or fatal(8) (default 5)
|
||||||
loglevel=3
|
loglevel=3
|
||||||
|
|
||||||
######################################################################
|
plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_inppkt_NFLOG.so"
|
||||||
# PLUGIN OPTIONS
|
plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_inpflow_NFCT.so"
|
||||||
######################################################################
|
plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_filter_IFINDEX.so"
|
||||||
|
plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_filter_IP2STR.so"
|
||||||
|
plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_filter_IP2BIN.so"
|
||||||
|
plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_filter_PRINTPKT.so"
|
||||||
|
plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_filter_HWHDR.so"
|
||||||
|
plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_filter_PRINTFLOW.so"
|
||||||
|
plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_output_LOGEMU.so"
|
||||||
|
plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_output_PGSQL.so"
|
||||||
|
plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_raw2packet_BASE.so"
|
||||||
|
plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_output_JSON.so"
|
||||||
|
|
||||||
# We have to configure and load all the plugins we want to use
|
# System packet logging
|
||||||
|
|
||||||
# general rules:
|
|
||||||
#
|
|
||||||
# 0. don't specify any plugin for ulogd to load them all
|
|
||||||
# 1. load the plugins _first_ from the global section
|
|
||||||
# 2. options for each plugin in seperate section below
|
|
||||||
|
|
||||||
#plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_inppkt_NFLOG.so"
|
|
||||||
#plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_inppkt_ULOG.so"
|
|
||||||
#plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_inppkt_UNIXSOCK.so"
|
|
||||||
#plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_inpflow_NFCT.so"
|
|
||||||
#plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_filter_IFINDEX.so"
|
|
||||||
#plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_filter_IP2STR.so"
|
|
||||||
#plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_filter_IP2BIN.so"
|
|
||||||
#plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_filter_IP2HBIN.so"
|
|
||||||
#plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_filter_PRINTPKT.so"
|
|
||||||
#plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_filter_HWHDR.so"
|
|
||||||
#plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_filter_PRINTFLOW.so"
|
|
||||||
#plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_filter_MARK.so"
|
|
||||||
#plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_output_LOGEMU.so"
|
|
||||||
#plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_output_SYSLOG.so"
|
|
||||||
#plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_output_XML.so"
|
|
||||||
#plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_output_SQLITE3.so"
|
|
||||||
#plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_output_GPRINT.so"
|
|
||||||
#plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_output_NACCT.so"
|
|
||||||
#plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_output_PCAP.so"
|
|
||||||
#plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_output_PGSQL.so"
|
|
||||||
#plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_output_MYSQL.so"
|
|
||||||
#plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_output_DBI.so"
|
|
||||||
#plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_raw2packet_BASE.so"
|
|
||||||
#plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_inpflow_NFACCT.so"
|
|
||||||
#plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_output_GRAPHITE.so"
|
|
||||||
#plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_output_JSON.so"
|
|
||||||
|
|
||||||
# this is a stack for logging packet send by system via LOGEMU
|
|
||||||
stack=log1:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
|
stack=log1:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
|
||||||
|
|
||||||
# Packet logging
|
# Packet logging
|
||||||
|
@ -56,14 +30,11 @@ stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,mac2str1:HWHDR,print1:PR
|
||||||
stack=ct1:NFCT,ip2str1:IP2STR,printflow1:PRINTFLOW,json2:JSON
|
stack=ct1:NFCT,ip2str1:IP2STR,printflow1:PRINTFLOW,json2:JSON
|
||||||
stack=ct1:NFCT,ip2bin1:IP2BIN,pgsql1:PGSQL
|
stack=ct1:NFCT,ip2bin1:IP2BIN,pgsql1:PGSQL
|
||||||
|
|
||||||
|
|
||||||
# Logging of system packet through NFLOG
|
|
||||||
[log1]
|
[log1]
|
||||||
# netlink multicast group (the same as the iptables --nflog-group param)
|
# netlink multicast group (the same as the iptables --nflog-group param)
|
||||||
# Group O is used by the kernel to log connection tracking invalid message
|
# Group O is used by the kernel to log connection tracking invalid message
|
||||||
group=0
|
group=0
|
||||||
|
|
||||||
# General packet logging
|
|
||||||
[log2]
|
[log2]
|
||||||
# Group has to be different from the one use in log1
|
# Group has to be different from the one use in log1
|
||||||
group=1
|
group=1
|
||||||
|
|
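Review bot: The explicit `plugin=` list added after `loglevel=3` now acts as an allowlist of the shared objects ulogd loads, but the commit also deletes the only comment that explained the loading rules (no `plugin=` line means load everything; plugins are loaded from the global section before the stacks use them). Without it, nothing tells the next editor that a `stack=` naming an unlisted plugin will presumably fail to resolve. I would keep a one-line replacement above the list, e.g. `# Only plugins used by the stacks below are loaded; add a plugin= line here before referencing a new plugin in a stack=`. The twelve listed plugins do match the plugin types in the stacks visible in this diff (NFLOG, BASE, IFINDEX, IP2STR, HWHDR, PRINTPKT, LOGEMU, NFCT, PRINTFLOW, JSON, IP2BIN, PGSQL); stacks and plugin sections outside the two hunks could not be checked. The paths are also pinned to `/usr/lib/x86_64-linux-gnu/ulogd/`, so a short comment that the file is amd64-specific would save a silent load failure on another architecture.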