Gentoo Forums
Iptables ULOG obsolete, how to do userspace logging?
alexeen
n00b

Joined: 30 Jul 2005
Posts: 9
Location: Canada

Posted: Mon Nov 21, 2005 5:20 pm    Post subject: Iptables ULOG obsolete, how to do userspace logging?

Hi,

I'm wondering if anyone knows how to set up logging for iptables with NETLINK stuff as the ULOG option is now obsolete. :D

Thanx.
limn
l33t

Joined: 13 May 2005
Posts: 997

Posted: Wed Nov 23, 2005 1:52 pm

Try enabling Netfilter netlink interface and Netfilter LOG over NFNETLINK interface and disable ULOG target support.

Code:
Networking options  --->
  [*] Network packet filtering (replaces ipchains)  --->
     <*>   Netfilter netlink interface                               
     < >      Netfilter NFQUEUE over NFNETLINK interface (NEW)
     <M>         Netfilter LOG over NFNETLINK interface                 
                IP: Netfilter Configuration  --->
                     < >   ULOG target support (OBSOLETE)


It doesn't appear that any changes are needed for iptables rules or ulogd.
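
A way to check which of the options named in the post above a built kernel actually has, as an added example that is not part of the original thread: the script reads a kernel `.config` and reports whether the nfnetlink log interface, the legacy ULOG target, both, or neither are enabled. The `CONFIG_*` names are the Kconfig symbols behind those menu entries, the function names are made up for this example, and the sample config is constructed.

```shell
#!/bin/sh
# Added example: inspect a kernel .config for the netfilter logging options
# discussed in this thread. Function names are illustrative.

# Print the state (y, m or n) of one Kconfig symbol; config text on stdin.
kconfig_state() {
    awk -v sym="$1" '
        $0 ~ "^" sym "=" { split($0, a, "="); v = a[2] }
        $0 == "# " sym " is not set" { v = "n" }
        END { print (v == "" ? "n" : v) }   # absent symbol counts as n
    '
}

# Print which userspace packet-logging paths the config provides:
# nfnetlink_log, ulog, both or none. Config text on stdin.
userspace_log_paths() {
    cfg=$(cat)
    nl=$(printf '%s\n' "$cfg" | kconfig_state CONFIG_NETFILTER_NETLINK)
    nflog=$(printf '%s\n' "$cfg" | kconfig_state CONFIG_NETFILTER_NETLINK_LOG)
    ulog=$(printf '%s\n' "$cfg" | kconfig_state CONFIG_IP_NF_TARGET_ULOG)
    new=no; old=no
    # The log-over-nfnetlink option depends on the base nfnetlink interface.
    [ "$nl" != n ] && [ "$nflog" != n ] && new=yes
    [ "$ulog" != n ] && old=yes
    case "$new$old" in
        yesyes) echo both ;;
        yesno)  echo nfnetlink_log ;;
        noyes)  echo ulog ;;
        *)      echo none ;;
    esac
}

# Constructed sample matching the menuconfig selections shown above.
SAMPLE_CONFIG='CONFIG_NETFILTER=y
CONFIG_NETFILTER_NETLINK=y
# CONFIG_NETFILTER_NETLINK_QUEUE is not set
CONFIG_NETFILTER_NETLINK_LOG=m
# CONFIG_IP_NF_TARGET_ULOG is not set'

# Usage on a live system (either source may be absent):
#   zcat /proc/config.gz | userspace_log_paths
#   userspace_log_paths < /usr/src/linux/.config
```

A result of `nfnetlink_log` only says the kernel side is present; the userspace libraries and daemon are a separate requirement.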
alexeen
n00b

Joined: 30 Jul 2005
Posts: 9
Location: Canada

Posted: Wed Nov 23, 2005 2:00 pm

Thanx for the reply, but say if I have a line like:

iptables .... --ulog-prefix "REJECT: " --ulog-qthreshold 10

What args do I use now to control prefix and qthreshold? :oops:

Thank you.
limn
l33t

Joined: 13 May 2005
Posts: 997

Posted: Wed Nov 23, 2005 4:21 pm

The iptables arguments shouldn't change. The kernel configuration would.

I made the kernel config changes on a box yesterday and -j ULOG worked.
I just tried to replicate that on another box today and it is failing.
I rebooted the first box and it is failing there now.

Not sure yet what is going on.
alexeen
n00b

Joined: 30 Jul 2005
Posts: 9
Location: Canada

Posted: Wed Nov 23, 2005 7:26 pm

The thing is, if we do not include the ULOG kernel option, iptables will not be able to send the packets to the ULOG chain. I am unable to find a single piece of documentation regarding the obsolescence of ULOG and how to set up user space logging over the NETLINK interface.

The most relevant info I've been able to locate is as follows:
http://www.netfilter.org/documentation/HOWTO//netfilter-extensions-HOWTO-4.html#ss4.3
http://www.franken.de/de/veranstaltungen/kongress/2002/netfilter.pdf

Maybe this requires iptables2 with ulog2 or something. :?
limn
l33t

Joined: 13 May 2005
Posts: 997

Posted: Wed Nov 23, 2005 8:07 pm

I was confused when I thought I had it working....

Looks like these are needed:

libnfnetlink
libnetfilter_log
etc

You may want to fill out a bug report requesting ebuild(s).
MrUlterior
Guru

Joined: 22 Mar 2005
Posts: 511
Location: Switzerland

Posted: Thu Nov 24, 2005 9:18 am

Perhaps this (http://www.nufw.org) is what you're looking for?
_________________

Misanthropy 2.0 - enough hate to go around
alexeen
n00b

Joined: 30 Jul 2005
Posts: 9
Location: Canada

Posted: Thu Nov 24, 2005 4:41 pm

Eh? that has nothing to do with it.

What we need is what limn said:

libnfnetlink: https://svn.netfilter.org/netfilter/trunk/libnfnetlink/
libnetfilter_log: https://svn.netfilter.org/netfilter/trunk/libnetfilter_log/
ulogd2: http://svn.gnumonks.org/branches/ulog/ulogd2/
Linux Kernel: 2.6.14+ with proper options set
MrUlterior
Guru

Joined: 22 Mar 2005
Posts: 511
Location: Switzerland

Posted: Thu Nov 24, 2005 11:59 pm

alexeen wrote:
Eh? that has nothing to do with it.

What we need is what limn said:

libnfnetlink: https://svn.netfilter.org/netfilter/trunk/libnfnetlink/
libnetfilter_log: https://svn.netfilter.org/netfilter/trunk/libnetfilter_log/
ulogd2: http://svn.gnumonks.org/branches/ulog/ulogd2/
Linux Kernel: 2.6.14+ with proper options set


Sorry, I thought that you wanted logging, which this seems to do
http://www.nufw.org/docs/references.html#id2452482
_________________

Misanthropy 2.0 - enough hate to go around
All times are GMT