| 1,26 → 1,21 |
|---|
| # Example of a simple configuration for ulogd with ALCASAR |
| |
| [global] |
| |
| ###################################################################### |
| # GLOBAL OPTIONS |
| ###################################################################### |
| |
| # netlink multicast group (the same as the iptables --ulog-nlgroup param) |
| nlgroup=1 |
| user="ulogd" |
| group="ulogd" |
| |
| # logfile for status messages |
| logfile="/var/log/ulogd.log" |
| logfile="/var/log/ulogd/ulogd.log" |
| |
| # loglevel: debug(1), info(3), notice(5), error(7) or fatal(8) |
| loglevel=5 |
| # loglevel: debug(1), info(3), notice(5), error(7) or fatal(8) (default 5) |
| #loglevel=8 |
| |
| # socket receive buffer size (should be at least the size of the |
| # in-kernel buffer (ipt_ULOG.o 'nlbufsiz' parameter) |
| rmem=131071 |
| |
| # libipulog/ulogd receive buffer size, should be > rmem |
| bufsize=150000 |
| |
| ###################################################################### |
| # PLUGIN OPTIONS |
| ###################################################################### |
| 31,9 → 26,16 |
|---|
| # 1. load the plugins _first_ from the global section |
| # 2. options for each plugin in seperate section below |
| |
| # ulogd_BASE.so - interpreter plugin for basic IPv4 header fields |
| plugin="/usr/lib64/ulogd/ulogd_BASE.so" |
| plugin="/usr/lib64/ulogd/ulogd_inppkt_ULOG.so" |
| plugin="/usr/lib64/ulogd/ulogd_filter_IFINDEX.so" |
| plugin="/usr/lib64/ulogd/ulogd_filter_IP2STR.so" |
| plugin="/usr/lib64/ulogd/ulogd_filter_PRINTPKT.so" |
| plugin="/usr/lib64/ulogd/ulogd_filter_PRINTFLOW.so" |
| plugin="/usr/lib64/ulogd/ulogd_output_LOGEMU.so" |
| plugin="/usr/lib64/ulogd/ulogd_raw2packet_BASE.so" |
| |
| # output plugins. |
| plugin="/usr/lib64/ulogd/ulogd_LOGEMU.so" |
| # this is a stack for ULOG packet-based logging via LOGEMU |
| stack=ulog1:ULOG,base1:BASE,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU |
| |
| [ulog1] |
| nlgroup=CHANGEVALUE |