WebSVN – ALCASAR – Diff – /conf/ulogd-sample.conf

 # Example of a simple configuration for ulogd with ALCASAR
 [global]
 ######################################################################
 # GLOBAL OPTIONS
 ######################################################################
-# netlink multicast group (the same as the iptables --ulog-nlgroup param)
+user="ulogd"
-nlgroup=1
+group="ulogd"
 # logfile for status messages
-logfile="/var/log/ulogd.log"
+logfile="/var/log/ulogd/ulogd.log"
-# loglevel: debug(1), info(3), notice(5), error(7) or fatal(8)
-loglevel=5
-# socket receive buffer size (should be at least the size of the
+# loglevel: debug(1), info(3), notice(5), error(7) or fatal(8) (default 5)
-# in-kernel buffer (ipt_ULOG.o 'nlbufsiz' parameter)
-rmem=131071
+#loglevel=8
-# libipulog/ulogd receive buffer size, should be > rmem
-bufsize=150000
 ######################################################################
 # PLUGIN OPTIONS
 ######################################################################
 # general rules:
 # 1. load the plugins _first_ from the global section
 # 2. options for each plugin in seperate section below
+plugin="/usr/lib64/ulogd/ulogd_inppkt_ULOG.so"
+plugin="/usr/lib64/ulogd/ulogd_filter_IFINDEX.so"
+plugin="/usr/lib64/ulogd/ulogd_filter_IP2STR.so"
+plugin="/usr/lib64/ulogd/ulogd_filter_PRINTPKT.so"
-# ulogd_BASE.so - interpreter plugin for basic IPv4 header fields
+plugin="/usr/lib64/ulogd/ulogd_filter_PRINTFLOW.so"
+plugin="/usr/lib64/ulogd/ulogd_output_LOGEMU.so"
-plugin="/usr/lib64/ulogd/ulogd_BASE.so"
+plugin="/usr/lib64/ulogd/ulogd_raw2packet_BASE.so"
-# output plugins.
+# this is a stack for ULOG packet-based logging via LOGEMU
-plugin="/usr/lib64/ulogd/ulogd_LOGEMU.so"
+stack=ulog1:ULOG,base1:BASE,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
+[ulog1]
+nlgroup=CHANGEVALUE

Subversion Repositories ALCASAR

(root)/conf/ulogd-sample.conf @ 2923 – Rev 1375 → 1452