Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
app-admin/ulogd-2.0.7 fails to create pid file
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
Robert S
Guru
Guru


Joined: 15 Aug 2004
Posts: 443
Location: Canberra Australia

PostPosted: Sun Jul 01, 2018 9:05 am    Post subject: app-admin/ulogd-2.0.7 fails to create pid file Reply with quote

I have just upgraded app-admin/ulogd to the latest version. It fails to start with the error
Quote:
start-stop-daemon: did not create a valid pid in `/run/ulogd.pid'

I assume that this is a permissions problem. Is there a fix or should I downgrade to the old version and wait for a fix? I prefer not to tamper with the init file.
[UPDATE]
I've just downgraded ulogd and have had the same problem. I've also tried changing the pid file folder writeable by the user ulog, but no luck
Back to top
View user's profile Send private message
massimo
Veteran
Veteran


Joined: 22 Jun 2003
Posts: 1226

PostPosted: Mon Jul 02, 2018 6:33 am    Post subject: Reply with quote

I suppose you've merged all changes to the configuration file. The new configuration file does now load all modules at start. You can also check ulogd's log for missing modules.
_________________
Hello 911? How are you?
Back to top
View user's profile Send private message
Robert S
Guru
Guru


Joined: 15 Aug 2004
Posts: 443
Location: Canberra Australia

PostPosted: Mon Jul 02, 2018 8:06 am    Post subject: Reply with quote

Thanks. I've used the new config file. I've uncommented the first stack and have left everything else unchanged:
Code:
# this is a stack for logging packet send by system via LOGEMU
stack=log1:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU

I get this:
Quote:
# /usr/sbin/ulogd --pidfile /run/ulogd.pid -v
Mon Jul 2 18:00:48 2018 <5> ulogd.c:744 loading all plugins at /usr/lib64/ulogd
Mon Jul 2 18:00:48 2018 <5> ulogd.c:407 registering plugin `HWHDR'
Mon Jul 2 18:00:48 2018 <5> ulogd.c:407 registering plugin `IFINDEX'
Mon Jul 2 18:00:48 2018 <5> ulogd.c:407 registering plugin `GRAPHITE'
Mon Jul 2 18:00:48 2018 <5> ulogd.c:407 registering plugin `LOGEMU'
Mon Jul 2 18:00:48 2018 <5> ulogd.c:407 registering plugin `OPRINT'
Mon Jul 2 18:00:48 2018 <5> ulogd.c:407 registering plugin `PRINTFLOW'
Mon Jul 2 18:00:48 2018 <5> ulogd.c:407 registering plugin `GPRINT'
Mon Jul 2 18:00:48 2018 <5> ulogd.c:407 registering plugin `IP2BIN'
Mon Jul 2 18:00:48 2018 <5> ulogd.c:407 registering plugin `XML'
Mon Jul 2 18:00:48 2018 <5> ulogd.c:407 registering plugin `NFLOG'
Mon Jul 2 18:00:48 2018 <5> ulogd.c:407 registering plugin `BASE'
Mon Jul 2 18:00:48 2018 <5> ulogd.c:407 registering plugin `IP2HBIN'
Mon Jul 2 18:00:48 2018 <5> ulogd.c:407 registering plugin `PWSNIFF'
Mon Jul 2 18:00:48 2018 <5> ulogd.c:407 registering plugin `SYSLOG'
Mon Jul 2 18:00:48 2018 <5> ulogd.c:407 registering plugin `MARK'
Mon Jul 2 18:00:48 2018 <5> ulogd.c:407 registering plugin `NACCT'
Mon Jul 2 18:00:48 2018 <5> ulogd.c:407 registering plugin `PRINTPKT'
Mon Jul 2 18:00:48 2018 <5> ulogd.c:407 registering plugin `UNIXSOCK'
Mon Jul 2 18:00:48 2018 <5> ulogd.c:407 registering plugin `IP2STR'
Mon Jul 2 18:00:48 2018 <5> ulogd.c:980 building new pluginstance stack: 'log1:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU'
Mon Jul 2 18:00:48 2018 <5> ulogd_inppkt_NFLOG.c:503 forcing unbind of existing log handler for protocol 2
Mon Jul 2 18:00:48 2018 <5> ulogd_inppkt_NFLOG.c:503 forcing unbind of existing log handler for protocol 10
Mon Jul 2 18:00:48 2018 <5> ulogd_inppkt_NFLOG.c:503 forcing unbind of existing log handler for protocol 7
Mon Jul 2 18:00:48 2018 <7> ulogd_inppkt_NFLOG.c:552 unable to bind to log group 0
Mon Jul 2 18:00:48 2018 <7> ulogd.c:947 error starting `log1'
Mon Jul 2 18:00:48 2018 <8> ulogd.c:1596 not even a single working plugin stack
Fatal error.

I've been trying to get ulogd to write firewall logs to /var/log/ulogd/ulogd_syslogemu.log. My kernel has NFLOG compiled in:
Quote:
# lsmod |grep NFLOG
xt_NFLOG 16384 9
nfnetlink_log 20480 3 xt_NFLOG
x_tables 32768 12 xt_conntrack,iptable_filter,xt_multiport,xt_NFLOG,xt_tcpudp,ipt_REJECT,xt_CT,iptable_raw,ip_tables,xt_limit,iptable_mangle,xt_REDIRECT
Back to top
View user's profile Send private message
massimo
Veteran
Veteran


Joined: 22 Jun 2003
Posts: 1226

PostPosted: Mon Jul 02, 2018 8:11 am    Post subject: Reply with quote

Please post the complete configuration file.
_________________
Hello 911? How are you?
Back to top
View user's profile Send private message
Robert S
Guru
Guru


Joined: 15 Aug 2004
Posts: 443
Location: Canberra Australia

PostPosted: Mon Jul 02, 2018 11:13 am    Post subject: Reply with quote

Here it is:
Code:
# Example configuration for ulogd
# Adapted to Debian by Achilleas Kotsis <achille@debian.gr>

[global]
######################################################################
# GLOBAL OPTIONS
######################################################################


# logfile for status messages
logfile="/var/log/ulogd.log"

# loglevel: debug(1), info(3), notice(5), error(7) or fatal(8) (default 5)
# loglevel=1

######################################################################
# PLUGIN OPTIONS
######################################################################

# We have to configure and load all the plugins we want to use

# general rules:
#
# 0. don't specify any plugin for ulogd to load them all
# 1. load the plugins _first_ from the global section
# 2. options for each plugin in seperate section below

#plugin="@pkglibdir@/ulogd_inppkt_NFLOG.so"
#plugin="@pkglibdir@/ulogd_inppkt_ULOG.so"
#plugin="@pkglibdir@/ulogd_inppkt_UNIXSOCK.so"
#plugin="@pkglibdir@/ulogd_inpflow_NFCT.so"
#plugin="@pkglibdir@/ulogd_filter_IFINDEX.so"
#plugin="@pkglibdir@/ulogd_filter_IP2STR.so"
#plugin="@pkglibdir@/ulogd_filter_IP2BIN.so"
#plugin="@pkglibdir@/ulogd_filter_IP2HBIN.so"
#plugin="@pkglibdir@/ulogd_filter_PRINTPKT.so"
#plugin="@pkglibdir@/ulogd_filter_HWHDR.so"
#plugin="@pkglibdir@/ulogd_filter_PRINTFLOW.so"
#plugin="@pkglibdir@/ulogd_filter_MARK.so"
#plugin="@pkglibdir@/ulogd_output_LOGEMU.so"
#plugin="@pkglibdir@/ulogd_output_SYSLOG.so"
#plugin="@pkglibdir@/ulogd_output_XML.so"
#plugin="@pkglibdir@/ulogd_output_SQLITE3.so"
#plugin="@pkglibdir@/ulogd_output_GPRINT.so"
#plugin="@pkglibdir@/ulogd_output_NACCT.so"
#plugin="@pkglibdir@/ulogd_output_PCAP.so"
#plugin="@pkglibdir@/ulogd_output_PGSQL.so"
#plugin="@pkglibdir@/ulogd_output_MYSQL.so"
#plugin="@pkglibdir@/ulogd_output_DBI.so"
#plugin="@pkglibdir@/ulogd_raw2packet_BASE.so"
#plugin="@pkglibdir@/ulogd_inpflow_NFACCT.so"
#plugin="@pkglibdir@/ulogd_output_GRAPHITE.so"
#plugin="@pkglibdir@/ulogd_output_JSON.so"

# this is a stack for logging packet send by system via LOGEMU
# UNCOMMENTED
stack=log1:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU

# this is a stack for packet-based logging via LOGEMU
#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU

# this is a stack for ULOG packet-based logging via LOGEMU
#stack=ulog1:ULOG,base1:BASE,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU

# this is a stack for packet-based logging via LOGEMU with filtering on MARK
#stack=log2:NFLOG,base1:BASE,mark1:MARK,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU

# this is a stack for packet-based logging via GPRINT
#stack=log1:NFLOG,gp1:GPRINT

# this is a stack for flow-based logging via LOGEMU
#stack=ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,emu1:LOGEMU

# this is a stack for flow-based logging via GPRINT
#stack=ct1:NFCT,gp1:GPRINT

# this is a stack for flow-based logging via XML
#stack=ct1:NFCT,xml1:XML

# this is a stack for logging in XML
#stack=log1:NFLOG,xml1:XML

# this is a stack for accounting-based logging via XML
#stack=acct1:NFACCT,xml1:XML

# this is a stack for accounting-based logging to a Graphite server
#stack=acct1:NFACCT,graphite1:GRAPHITE

# this is a stack for NFLOG packet-based logging to PCAP
#stack=log2:NFLOG,base1:BASE,pcap1:PCAP

# this is a stack for logging packet to MySQL
#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2bin1:IP2BIN,mac2str1:HWHDR,mysql1:MYSQL

# this is a stack for logging packet to PGsql after a collect via NFLOG
#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,mac2str1:HWHDR,pgsql1:PGSQL

# this is a stack for logging packet to JSON formatted file after a collect via NFLOG
#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,mac2str1:HWHDR,json1:JSON

# this is a stack for logging packets to syslog after a collect via NFLOG
#stack=log3:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,sys1:SYSLOG

# this is a stack for logging packets to syslog after a collect via NuFW
#stack=nuauth1:UNIXSOCK,base1:BASE,ip2str1:IP2STR,print1:PRINTPKT,sys1:SYSLOG

# this is a stack for flow-based logging to MySQL
#stack=ct1:NFCT,ip2bin1:IP2BIN,mysql2:MYSQL

# this is a stack for flow-based logging to PGSQL
#stack=ct1:NFCT,ip2str1:IP2STR,pgsql2:PGSQL

# this is a stack for flow-based logging to PGSQL without local hash
#stack=ct1:NFCT,ip2str1:IP2STR,pgsql3:PGSQL

# this is a stack for flow-based logging to SQLITE3
#stack=ct1:NFCT,sqlite3_ct:SQLITE3

# this is a stack for logging packet to SQLITE3
#stack=log1:NFLOG,sqlite3_pkt:SQLITE3

# this is a stack for flow-based logging in NACCT compatible format
#stack=ct1:NFCT,ip2str1:IP2STR,nacct1:NACCT

# this is a stack for accounting-based logging via GPRINT
#stack=acct1:NFACCT,gp1:GPRINT

[ct1]
#netlink_socket_buffer_size=217088
#netlink_socket_buffer_maxsize=1085440
#netlink_resync_timeout=60 # seconds to wait to perform resynchronization
#pollinterval=10 # use poll-based logging instead of event-driven
# If pollinterval is not set, NFCT plugin will work in event mode
# In this case, you can use the following filters on events:
#accept_src_filter=192.168.1.0/24,1:2::/64 # source ip of connection must belong to these networks
#accept_dst_filter=192.168.1.0/24 # destination ip of connection must belong to these networks
#accept_proto_filter=tcp,sctp # layer 4 proto of connections

[ct2]
#netlink_socket_buffer_size=217088
#netlink_socket_buffer_maxsize=1085440
#reliable=1 # enable reliable flow-based logging (may drop packets)
hash_enable=0

# Logging of system packet through NFLOG
[log1]
# netlink multicast group (the same as the iptables --nflog-group param)
# Group O is used by the kernel to log connection tracking invalid message
group=0
#netlink_socket_buffer_size=217088
#netlink_socket_buffer_maxsize=1085440
# set number of packet to queue inside kernel
#netlink_qthreshold=1
# set the delay before flushing packet in the queue inside kernel (in 10ms)
#netlink_qtimeout=100

# packet logging through NFLOG for group 1
[log2]
# netlink multicast group (the same as the iptables --nflog-group param)
group=1 # Group has to be different from the one use in log1
#netlink_socket_buffer_size=217088
#netlink_socket_buffer_maxsize=1085440
# If your kernel is older than 2.6.29 and if a NFLOG input plugin with
# group 0 is not used by any stack, you need to have at least one NFLOG
# input plugin with bind set to 1. If you don't do that you may not
# receive any message from the kernel.
#bind=1

# packet logging through NFLOG for group 2, numeric_label is
# set to 1
[log3]
# netlink multicast group (the same as the iptables --nflog-group param)
group=2 # Group has to be different from the one use in log1/log2
numeric_label=1 # you can label the log info based on the packet verdict
#netlink_socket_buffer_size=217088
#netlink_socket_buffer_maxsize=1085440
#bind=1

[ulog1]
# netlink multicast group (the same as the iptables --ulog-nlgroup param)
nlgroup=1
#numeric_label=0 # optional argument

[nuauth1]
socket_path="/tmp/nuauth_ulogd2.sock"

[emu1]
file="/var/log/ulogd_syslogemu.log"
sync=1

[op1]
file="/var/log/ulogd_oprint.log"
sync=1

[gp1]
file="/var/log/ulogd_gprint.log"
sync=1
timestamp=1

[xml1]
directory="/var/log/"
sync=1

[json1]
sync=1
#file="/var/log/ulogd.json"
#timestamp=0
# device name to be used in JSON message
#device="My awesome Netfilter firewall"
# If boolean_label is set to 1 then the numeric_label put on packet
# by the input plugin is coding the action on packet: if 0, then
# packet has been blocked and if non null it has been accepted.
#boolean_label=1
# Uncomment the following line to use JSON v1 event format that
# can provide better compatility with some JSON file reader.
#eventv1=1

[pcap1]
#default file is /var/log/ulogd.pcap
#file="/var/log/ulogd.pcap"
sync=1

[mysql1]
db="nulog"
host="localhost"
user="nupik"
table="ulog"
pass="changeme"
procedure="INSERT_PACKET_FULL"
# backlog configuration:
# set backlog_memcap to the size of memory that will be
# allocated to store events in memory if data is temporary down
# and insert them when the database came back.
#backlog_memcap=1000000
# number of events to insert at once when backlog is not empty
#backlog_oneshot_requests=10

[mysql2]
db="nulog"
host="localhost"
user="nupik"
table="conntrack"
pass="changeme"
procedure="INSERT_CT"

[pgsql1]
db="nulog"
host="localhost"
user="nupik"
table="ulog"
#schema="public"
pass="changeme"
procedure="INSERT_PACKET_FULL"
# connstring can be used to define PostgreSQL connection string which
# contains all parameters of the connection. If set, this value has
# precedence on other variables used to build the connection string.
# See http://www.postgresql.org/docs/9.2/static/libpq-connect.html#LIBPQ-CONNSTRING
# for a complete description of options.
#connstring="host=localhost port=4321 dbname=nulog user=nupik password=changeme"
#backlog_memcap=1000000
#backlog_oneshot_requests=10
# If superior to 1 a thread dedicated to SQL request execution
# is created. The value stores the number of SQL request to keep
# in the ring buffer
#ring_buffer_size=1000

[pgsql2]
db="nulog"
host="localhost"
user="nupik"
table="ulog2_ct"
#schema="public"
pass="changeme"
procedure="INSERT_CT"

[pgsql3]
db="nulog"
host="localhost"
user="nupik"
table="ulog2_ct"
#schema="public"
pass="changeme"
procedure="INSERT_OR_REPLACE_CT"

[pgsql4]
db="nulog"
host="localhost"
user="nupik"
table="nfacct"
#schema="public"
pass="changeme"
procedure="INSERT_NFACCT"

[dbi1]
db="ulog2"
dbtype="pgsql"
host="localhost"
user="ulog2"
table="ulog"
pass="ulog2"
procedure="INSERT_PACKET_FULL"

[sqlite3_ct]
table="ulog_ct"
db="/var/log/ulogd.sqlite3db"

[sqlite3_pkt]
table="ulog_pkt"
db="/var/log/ulogd.sqlite3db"

[sys2]
facility=LOG_LOCAL2

[nacct1]
sync = 1
#file = /var/log/ulogd_nacct.log

[mark1]
mark = 1

[acct1]
pollinterval = 2
# If set to 0, we don't reset the counters for each polling (default is 1).
#zerocounter = 0
# Set timestamp (default is 0, which means not set). This timestamp can be
# interpreted by the output plugin.
#timestamp = 1

[graphite1]
host="127.0.0.1"
port="2003"
# Prefix of data name sent to graphite server
prefix="netfilter.nfacct"
Back to top
View user's profile Send private message
massimo
Veteran
Veteran


Joined: 22 Jun 2003
Posts: 1226

PostPosted: Mon Jul 02, 2018 11:19 am    Post subject: Reply with quote

The configuration file tells me that the required plugins are not loaded. The block containing the plugins should look like this:
Code:

plugin="/usr/lib64/ulogd/ulogd_inppkt_NFLOG.so"
#plugin="/usr/lib64/ulogd/ulogd_inppkt_ULOG.so"
#plugin="/usr/lib64/ulogd/ulogd_inppkt_UNIXSOCK.so"
#plugin="/usr/lib64/ulogd/ulogd_inpflow_NFCT.so"
plugin="/usr/lib64/ulogd/ulogd_filter_IFINDEX.so"
plugin="/usr/lib64/ulogd/ulogd_filter_IP2STR.so"
#plugin="/usr/lib64/ulogd/ulogd_filter_IP2BIN.so"
#plugin="/usr/lib64/ulogd/ulogd_filter_IP2HBIN.so"
plugin="/usr/lib64/ulogd/ulogd_filter_PRINTPKT.so"
#plugin="/usr/lib64/ulogd/ulogd_filter_HWHDR.so"
#plugin="/usr/lib64/ulogd/ulogd_filter_PRINTFLOW.so"
#plugin="/usr/lib64/ulogd/ulogd_filter_MARK.so"
plugin="/usr/lib64/ulogd/ulogd_output_LOGEMU.so"
#plugin="/usr/lib64/ulogd/ulogd_output_SYSLOG.so"
#plugin="/usr/lib64/ulogd/ulogd_output_XML.so"
#plugin="/usr/lib64/ulogd/ulogd_output_SQLITE3.so"
#plugin="/usr/lib64/ulogd/ulogd_output_GPRINT.so"
#plugin="/usr/lib64/ulogd/ulogd_output_NACCT.so"
#plugin="/usr/lib64/ulogd/ulogd_output_PCAP.so"
#plugin="/usr/lib64/ulogd/ulogd_output_PGSQL.so"
#plugin="/usr/lib64/ulogd/ulogd_output_MYSQL.so"
#plugin="/usr/lib64/ulogd/ulogd_output_DBI.so"
plugin="/usr/lib64/ulogd/ulogd_raw2packet_BASE.so"
#plugin="/usr/lib64/ulogd/ulogd_inpflow_NFACCT.so"
#plugin="/usr/lib64/ulogd/ulogd_output_GRAPHITE.so"
#plugin="/usr/lib64/ulogd/ulogd_output_JSON.so"

_________________
Hello 911? How are you?
Back to top
View user's profile Send private message
Robert S
Guru
Guru


Joined: 15 Aug 2004
Posts: 443
Location: Canberra Australia

PostPosted: Mon Jul 02, 2018 12:33 pm    Post subject: Reply with quote

Sadly still no luck:
Quote:
# /usr/sbin/ulogd --pidfile /run/ulogd.pid -v
Mon Jul 2 22:32:09 2018 <5> ulogd.c:407 registering plugin `NFLOG'
Mon Jul 2 22:32:09 2018 <5> ulogd.c:407 registering plugin `IFINDEX'
Mon Jul 2 22:32:09 2018 <5> ulogd.c:407 registering plugin `IP2STR'
Mon Jul 2 22:32:09 2018 <5> ulogd.c:407 registering plugin `PRINTPKT'
Mon Jul 2 22:32:09 2018 <5> ulogd.c:407 registering plugin `LOGEMU'
Mon Jul 2 22:32:09 2018 <5> ulogd.c:407 registering plugin `BASE'
Mon Jul 2 22:32:09 2018 <5> ulogd.c:980 building new pluginstance stack: 'log1:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU'
Mon Jul 2 22:32:09 2018 <5> ulogd_inppkt_NFLOG.c:503 forcing unbind of existing log handler for protocol 2
Mon Jul 2 22:32:09 2018 <5> ulogd_inppkt_NFLOG.c:503 forcing unbind of existing log handler for protocol 10
Mon Jul 2 22:32:09 2018 <5> ulogd_inppkt_NFLOG.c:503 forcing unbind of existing log handler for protocol 7
Mon Jul 2 22:32:09 2018 <7> ulogd_inppkt_NFLOG.c:552 unable to bind to log group 0
Mon Jul 2 22:32:09 2018 <7> ulogd.c:947 error starting `log1'
Mon Jul 2 22:32:09 2018 <8> ulogd.c:1596 not even a single working plugin stack

Here is my config - minus comments
Code:
[global]
logfile="/var/log/ulogd.log"
plugin="/usr/lib64/ulogd/ulogd_inppkt_NFLOG.so"
plugin="/usr/lib64/ulogd/ulogd_filter_IFINDEX.so"
plugin="/usr/lib64/ulogd/ulogd_filter_IP2STR.so"
plugin="/usr/lib64/ulogd/ulogd_filter_PRINTPKT.so"
plugin="/usr/lib64/ulogd/ulogd_output_LOGEMU.so"
plugin="/usr/lib64/ulogd/ulogd_raw2packet_BASE.so"
stack=log1:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
[ct1]
[ct2]
hash_enable=0
[log1]
group=0
[log2]
group=1 # Group has to be different from the one use in log1
[log3]
group=2 # Group has to be different from the one use in log1/log2
numeric_label=1 # you can label the log info based on the packet verdict
[ulog1]
nlgroup=1
[nuauth1]
socket_path="/tmp/nuauth_ulogd2.sock"
[emu1]
file="/var/log/ulogd_syslogemu.log"
sync=1
[op1]
file="/var/log/ulogd_oprint.log"
sync=1
[gp1]
file="/var/log/ulogd_gprint.log"
sync=1
timestamp=1
[xml1]
directory="/var/log/"
sync=1
[json1]
sync=1
[pcap1]
sync=1
[mysql1]
db="nulog"
host="localhost"
user="nupik"
table="ulog"
pass="changeme"
procedure="INSERT_PACKET_FULL"
[mysql2]
db="nulog"
host="localhost"
user="nupik"
table="conntrack"
pass="changeme"
procedure="INSERT_CT"
[pgsql1]
db="nulog"
host="localhost"
user="nupik"
table="ulog"
pass="changeme"
procedure="INSERT_PACKET_FULL"
[pgsql2]
db="nulog"
host="localhost"
user="nupik"
table="ulog2_ct"
pass="changeme"
procedure="INSERT_CT"
[pgsql3]
db="nulog"
host="localhost"
user="nupik"
table="ulog2_ct"
pass="changeme"
procedure="INSERT_OR_REPLACE_CT"
[pgsql4]
db="nulog"
host="localhost"
user="nupik"
table="nfacct"
pass="changeme"
procedure="INSERT_NFACCT"
[dbi1]
db="ulog2"
dbtype="pgsql"
host="localhost"
user="ulog2"
table="ulog"
pass="ulog2"
procedure="INSERT_PACKET_FULL"
[sqlite3_ct]
table="ulog_ct"
db="/var/log/ulogd.sqlite3db"
[sqlite3_pkt]
table="ulog_pkt"
db="/var/log/ulogd.sqlite3db"
[sys2]
facility=LOG_LOCAL2
[nacct1]
sync = 1
[mark1]
mark = 1
[acct1]
pollinterval = 2
[graphite1]
host="127.0.0.1"
port="2003"
prefix="netfilter.nfacct"
Back to top
View user's profile Send private message
massimo
Veteran
Veteran


Joined: 22 Jun 2003
Posts: 1226

PostPosted: Tue Jul 03, 2018 7:16 am    Post subject: Reply with quote

Does the file /var/log/ulogd_syslogemu.log exist?
_________________
Hello 911? How are you?
Back to top
View user's profile Send private message
Robert S
Guru
Guru


Joined: 15 Aug 2004
Posts: 443
Location: Canberra Australia

PostPosted: Tue Jul 03, 2018 8:20 am    Post subject: Reply with quote

I've got /var/log/ulogd/ulogd_syslogemu.log, but not /var/log/ulogd_syslogemu.log

Interestingly daemon errors were previously written to /var/log/ulogd/ulogd.log but are now appearing in /var/log/ulogd.log

I've tried creating an emtpy /var/log/ulogd_syslogemu.log, but it still fails to start
Back to top
View user's profile Send private message
massimo
Veteran
Veteran


Joined: 22 Jun 2003
Posts: 1226

PostPosted: Tue Jul 03, 2018 8:39 am    Post subject: Reply with quote

Set loglevel to debug and try again, eventually there is more information in the logs to see then.
_________________
Hello 911? How are you?
Back to top
View user's profile Send private message
Robert S
Guru
Guru


Joined: 15 Aug 2004
Posts: 443
Location: Canberra Australia

PostPosted: Tue Jul 03, 2018 9:12 am    Post subject: Reply with quote

Just noticed that the location of ulogd.log has changed in the config file. Here is the debug output:
Quote:
Tue Jul 3 19:08:26 2018 <5> ulogd.c:407 registering plugin `NFLOG'
Tue Jul 3 19:08:26 2018 <5> ulogd.c:407 registering plugin `IFINDEX'
Tue Jul 3 19:08:26 2018 <5> ulogd.c:407 registering plugin `IP2STR'
Tue Jul 3 19:08:26 2018 <5> ulogd.c:407 registering plugin `PRINTPKT'
Tue Jul 3 19:08:26 2018 <5> ulogd.c:407 registering plugin `LOGEMU'
Tue Jul 3 19:08:26 2018 <5> ulogd.c:407 registering plugin `BASE'
Tue Jul 3 19:08:26 2018 <5> ulogd.c:980 building new pluginstance stack: 'log1:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU'
Tue Jul 3 19:08:26 2018 <1> ulogd.c:989 tok=`log1:NFLOG'
Tue Jul 3 19:08:26 2018 <1> ulogd.c:1026 pushing `NFLOG' on stack
Tue Jul 3 19:08:26 2018 <1> ulogd.c:989 tok=`base1:BASE'
Tue Jul 3 19:08:26 2018 <1> ulogd.c:1026 pushing `BASE' on stack
Tue Jul 3 19:08:26 2018 <1> ulogd.c:989 tok=`ifi1:IFINDEX'
Tue Jul 3 19:08:26 2018 <1> ulogd.c:1026 pushing `IFINDEX' on stack
Tue Jul 3 19:08:26 2018 <1> ulogd.c:989 tok=`ip2str1:IP2STR'
Tue Jul 3 19:08:26 2018 <1> ulogd.c:1026 pushing `IP2STR' on stack
Tue Jul 3 19:08:26 2018 <1> ulogd.c:989 tok=`print1:PRINTPKT'
Tue Jul 3 19:08:26 2018 <1> ulogd.c:1026 pushing `PRINTPKT' on stack
Tue Jul 3 19:08:26 2018 <1> ulogd.c:989 tok=`emu1:LOGEMU'
Tue Jul 3 19:08:26 2018 <1> ulogd.c:1026 pushing `LOGEMU' on stack
Tue Jul 3 19:08:26 2018 <1> ulogd.c:803 traversing plugin `LOGEMU'
Tue Jul 3 19:08:26 2018 <1> ulogd_output_LOGEMU.c:180 parsing config file section emu1
Tue Jul 3 19:08:26 2018 <1> ulogd.c:803 traversing plugin `PRINTPKT'
Tue Jul 3 19:08:26 2018 <1> ulogd.c:803 traversing plugin `IP2STR'
Tue Jul 3 19:08:26 2018 <1> ulogd.c:803 traversing plugin `IFINDEX'
Tue Jul 3 19:08:26 2018 <1> ulogd.c:803 traversing plugin `BASE'
Tue Jul 3 19:08:26 2018 <1> ulogd.c:803 traversing plugin `NFLOG'
Tue Jul 3 19:08:26 2018 <1> ulogd_inppkt_NFLOG.c:490 parsing config file section `log1', plugin `NFLOG'
Tue Jul 3 19:08:26 2018 <1> ulogd.c:819 connecting input/output keys of stack:
Tue Jul 3 19:08:26 2018 <1> ulogd.c:827 traversing plugin `LOGEMU'
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 print1(PRINTPKT)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `print(?)' as source for LOGEMU(print)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 log1(NFLOG)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `oob.time.sec(?)' as source for LOGEMU(oob.time.sec)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:827 traversing plugin `PRINTPKT'
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 log1(NFLOG)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `oob.family(?)' as source for PRINTPKT(oob.family)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 log1(NFLOG)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `oob.prefix(?)' as source for PRINTPKT(oob.prefix)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 ifi1(IFINDEX)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `oob.in(?)' as source for PRINTPKT(oob.in)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 ifi1(IFINDEX)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `oob.out(?)' as source for PRINTPKT(oob.out)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 log1(NFLOG)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `oob.uid(?)' as source for PRINTPKT(oob.uid)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 log1(NFLOG)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `oob.gid(?)' as source for PRINTPKT(oob.gid)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 log1(NFLOG)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `oob.mark(?)' as source for PRINTPKT(oob.mark)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 log1(NFLOG)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `raw.mac(?)' as source for PRINTPKT(raw.mac)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 log1(NFLOG)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `raw.mac_len(?)' as source for PRINTPKT(raw.mac_len)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 ip2str1(IP2STR)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `ip.saddr.str(?)' as source for PRINTPKT(ip.saddr.str)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 ip2str1(IP2STR)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `ip.daddr.str(?)' as source for PRINTPKT(ip.daddr.str)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 base1(BASE)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `ip.totlen(?)' as source for PRINTPKT(ip.totlen)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 base1(BASE)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `ip.tos(?)' as source for PRINTPKT(ip.tos)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 base1(BASE)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `ip.ttl(?)' as source for PRINTPKT(ip.ttl)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 base1(BASE)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `ip.id(?)' as source for PRINTPKT(ip.id)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 base1(BASE)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `ip.fragoff(?)' as source for PRINTPKT(ip.fragoff)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 base1(BASE)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `ip.protocol(?)' as source for PRINTPKT(ip.protocol)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 base1(BASE)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `ip6.payloadlen(?)' as source for PRINTPKT(ip6.payloadlen)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 base1(BASE)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `ip6.priority(?)' as source for PRINTPKT(ip6.priority)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 base1(BASE)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `ip6.hoplimit(?)' as source for PRINTPKT(ip6.hoplimit)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 base1(BASE)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `ip6.flowlabel(?)' as source for PRINTPKT(ip6.flowlabel)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 base1(BASE)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `ip6.nexthdr(?)' as source for PRINTPKT(ip6.nexthdr)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 base1(BASE)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `ip6.fragoff(?)' as source for PRINTPKT(ip6.fragoff)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 base1(BASE)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `ip6.fragid(?)' as source for PRINTPKT(ip6.fragid)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 base1(BASE)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `tcp.sport(?)' as source for PRINTPKT(tcp.sport)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 base1(BASE)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `tcp.dport(?)' as source for PRINTPKT(tcp.dport)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 base1(BASE)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `tcp.seq(?)' as source for PRINTPKT(tcp.seq)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 base1(BASE)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `tcp.ackseq(?)' as source for PRINTPKT(tcp.ackseq)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 base1(BASE)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `tcp.window(?)' as source for PRINTPKT(tcp.window)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 base1(BASE)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `tcp.syn(?)' as source for PRINTPKT(tcp.syn)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 base1(BASE)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `tcp.ack(?)' as source for PRINTPKT(tcp.ack)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 base1(BASE)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `tcp.psh(?)' as source for PRINTPKT(tcp.psh)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 base1(BASE)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `tcp.rst(?)' as source for PRINTPKT(tcp.rst)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 base1(BASE)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `tcp.fin(?)' as source for PRINTPKT(tcp.fin)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 base1(BASE)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `tcp.urg(?)' as source for PRINTPKT(tcp.urg)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 base1(BASE)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `tcp.urgp(?)' as source for PRINTPKT(tcp.urgp)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 base1(BASE)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `udp.sport(?)' as source for PRINTPKT(udp.sport)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 base1(BASE)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `udp.dport(?)' as source for PRINTPKT(udp.dport)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 base1(BASE)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `udp.len(?)' as source for PRINTPKT(udp.len)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 base1(BASE)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `icmp.type(?)' as source for PRINTPKT(icmp.type)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 base1(BASE)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `icmp.code(?)' as source for PRINTPKT(icmp.code)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 base1(BASE)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `icmp.echoid(?)' as source for PRINTPKT(icmp.echoid)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 base1(BASE)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `icmp.echoseq(?)' as source for PRINTPKT(icmp.echoseq)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 base1(BASE)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `icmp.gateway(?)' as source for PRINTPKT(icmp.gateway)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 base1(BASE)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `icmp.fragmtu(?)' as source for PRINTPKT(icmp.fragmtu)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 base1(BASE)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `icmpv6.type(?)' as source for PRINTPKT(icmpv6.type)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 base1(BASE)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `icmpv6.code(?)' as source for PRINTPKT(icmpv6.code)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 base1(BASE)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `icmpv6.echoid(?)' as source for PRINTPKT(icmpv6.echoid)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 base1(BASE)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `icmpv6.echoseq(?)' as source for PRINTPKT(icmpv6.echoseq)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 base1(BASE)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `ahesp.spi(?)' as source for PRINTPKT(ahesp.spi)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 base1(BASE)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `oob.protocol(?)' as source for PRINTPKT(oob.protocol)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 base1(BASE)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `arp.hwtype(?)' as source for PRINTPKT(arp.hwtype)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 base1(BASE)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `arp.protocoltype(?)' as source for PRINTPKT(arp.protocoltype)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 base1(BASE)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `arp.operation(?)' as source for PRINTPKT(arp.operation)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 base1(BASE)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `arp.shwaddr(?)' as source for PRINTPKT(arp.shwaddr)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 ip2str1(IP2STR)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `arp.saddr.str(?)' as source for PRINTPKT(arp.saddr.str)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 base1(BASE)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `arp.dhwaddr(?)' as source for PRINTPKT(arp.dhwaddr)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 ip2str1(IP2STR)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `arp.daddr.str(?)' as source for PRINTPKT(arp.daddr.str)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 base1(BASE)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `sctp.sport(?)' as source for PRINTPKT(sctp.sport)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 base1(BASE)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `sctp.dport(?)' as source for PRINTPKT(sctp.dport)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:827 traversing plugin `IP2STR'
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 log1(NFLOG)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `oob.family(?)' as source for IP2STR(oob.family)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 base1(BASE)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `oob.protocol(?)' as source for IP2STR(oob.protocol)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 base1(BASE)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `ip.saddr(?)' as source for IP2STR(ip.saddr)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 base1(BASE)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `ip.daddr(?)' as source for IP2STR(ip.daddr)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 base1(BASE)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `arp.saddr(?)' as source for IP2STR(arp.saddr)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 base1(BASE)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `arp.daddr(?)' as source for IP2STR(arp.daddr)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:827 traversing plugin `IFINDEX'
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 log1(NFLOG)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `oob.ifindex_in(?)' as source for IFINDEX(oob.ifindex_in)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 log1(NFLOG)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `oob.ifindex_out(?)' as source for IFINDEX(oob.ifindex_out)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:827 traversing plugin `BASE'
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 log1(NFLOG)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `raw.pkt(?)' as source for BASE(raw.pkt)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 log1(NFLOG)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `raw.pktlen(?)' as source for BASE(raw.pktlen)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 log1(NFLOG)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `oob.family(?)' as source for BASE(oob.family)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:784 log1(NFLOG)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:890 assigning `oob.protocol(?)' as source for BASE(oob.protocol)
Tue Jul 3 19:08:26 2018 <1> ulogd.c:827 traversing plugin `NFLOG'
Tue Jul 3 19:08:26 2018 <1> ulogd_inppkt_NFLOG.c:530 opening nfnetlink socket
Tue Jul 3 19:08:26 2018 <5> ulogd_inppkt_NFLOG.c:503 forcing unbind of existing log handler for protocol 2
Tue Jul 3 19:08:26 2018 <1> ulogd_inppkt_NFLOG.c:512 binding to protocol family 2
Tue Jul 3 19:08:26 2018 <5> ulogd_inppkt_NFLOG.c:503 forcing unbind of existing log handler for protocol 10
Tue Jul 3 19:08:26 2018 <1> ulogd_inppkt_NFLOG.c:512 binding to protocol family 10
Tue Jul 3 19:08:26 2018 <5> ulogd_inppkt_NFLOG.c:503 forcing unbind of existing log handler for protocol 7
Tue Jul 3 19:08:26 2018 <1> ulogd_inppkt_NFLOG.c:512 binding to protocol family 7
Tue Jul 3 19:08:26 2018 <1> ulogd_inppkt_NFLOG.c:547 binding to log group 0
Tue Jul 3 19:08:26 2018 <7> ulogd_inppkt_NFLOG.c:552 unable to bind to log group 0
Tue Jul 3 19:08:26 2018 <7> ulogd.c:947 error starting `log1'
Tue Jul 3 19:08:26 2018 <1> ulogd.c:1040 destroying stack
Tue Jul 3 19:08:26 2018 <8> ulogd.c:1596 not even a single working plugin stack
Back to top
View user's profile Send private message
massimo
Veteran
Veteran


Joined: 22 Jun 2003
Posts: 1226

PostPosted: Tue Jul 03, 2018 11:30 am    Post subject: Reply with quote

Is ulogd already running when you try to start it?
_________________
Hello 911? How are you?
Back to top
View user's profile Send private message
Robert S
Guru
Guru


Joined: 15 Aug 2004
Posts: 443
Location: Canberra Australia

PostPosted: Tue Jul 03, 2018 11:42 am    Post subject: app-admin/ulogd-2.0.7 fails to create pid file [SOLVED] Reply with quote

Yes
Quote:
mypc ~ # killall ulogd
mypc ~ # /etc/init.d/ulogd start
* Starting ulogd ... [ ok ]
mypc ~ #
Many thanks for your patience in sorting this out. :D
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum