* Ulogd
@ 2016-06-08 16:52 ummeegge
2016-06-09 11:28 ` Ulogd Michael Tremer
0 siblings, 1 reply; 3+ messages in thread
From: ummeegge @ 2016-06-08 16:52 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 617 bytes --]
Hi all,
i wanted to ask you all what are you thinking to integrate Ulogd --> http://www.netfilter.org/projects/ulogd/ into IPfire environment ? This would include modification in the kernel config but also the libnetfilter_log and libnetfilter_acct packages.
Since Ben made already a commit for this some time ago an inside of the potential work can be overseen in here --> http://git.ipfire.org/?p=people/trikolon/ipfire-2.x.git;a=commit;h=e3f803b702a39c5004cf3e614f4bc2307f576a3c .
Have tested this also in a Pmacctd --> http://www.pmacct.net/ environment which makes a good impression.
Greetings,
Erik
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 842 bytes --]
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: Ulogd
2016-06-08 16:52 Ulogd ummeegge
@ 2016-06-09 11:28 ` Michael Tremer
2016-06-10 5:57 ` Ulogd ummeegge
0 siblings, 1 reply; 3+ messages in thread
From: Michael Tremer @ 2016-06-09 11:28 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 743 bytes --]
And what would this be good for?
On Wed, 2016-06-08 at 18:52 +0200, ummeegge wrote:
> Hi all,
> i wanted to ask you all what are you thinking to integrate Ulogd --> http://ww
> w.netfilter.org/projects/ulogd/ into IPfire environment ? This would include
> modification in the kernel config but also the libnetfilter_log and
> libnetfilter_acct packages.
> Since Ben made already a commit for this some time ago an inside of the
> potential work can be overseen in here --> http://git.ipfire.org/?p=people/tri
> kolon/ipfire-2.x.git;a=commit;h=e3f803b702a39c5004cf3e614f4bc2307f576a3c .
>
> Have tested this also in a Pmacctd --> http://www.pmacct.net/ environment
> which makes a good impression.
>
> Greetings,
>
> Erik
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 819 bytes --]
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: Ulogd
2016-06-09 11:28 ` Ulogd Michael Tremer
@ 2016-06-10 5:57 ` ummeegge
0 siblings, 0 replies; 3+ messages in thread
From: ummeegge @ 2016-06-10 5:57 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 2578 bytes --]
Hi Michael,
a benefit could be extend the logging mechanisms in IPFire. Since Ulogd2 is a modular userspace logging daemon which includes per-packet logging of security violations, per-packet logging for accounting, per-flow logging and flexible user-defined accounting, it might be possibly interesting to have another way in IPFire beneath the traditional IPFire logging system. In conjunction with nfacct --> http://netfilter.org/projects/nfacct/ for example it should also be possible to use a flexible user-defined traffic accounting environment for different purposes.
There are output variations included like file based logging (Syslog, File, PCAP and NACCT) but also the usage of databases (Sqlite or MySQL) is possible. Ulogd2 have also a fast plugin architecture for the entries, the output but also for filtering in many ways. There are some network plugins for IPFIX or even GRAPHITE available but i have seen also some other interesting projects to visualize the IPTable events over Ulogd2 in different and detailed ways.
I was looking for extending Syskjlogd, i gave Rsyslog also a try which might also be interesting but there is the need for some other not so lightweight dependencies like libestr json-c (libfastjson) liblogging (in minimum) but also less possibilities then Ulogd2 as far as i can see.
Not sure if all that matters for IPFire but i nevertheless wanted to send you an reference or even a question of what are you thinking about all that especially cause we have already an first idea from Ben of how to build it in Git.
A nice and short overview of what Ulogd2 is can also be found in here --> https://home.regit.org/wp-content/uploads/2013/03/ulogd2.pdf .
Greetings,
Erik
Am 09.06.2016 um 13:28 schrieb Michael Tremer <michael.tremer(a)ipfire.org>:
> And what would this be good for?
>
> On Wed, 2016-06-08 at 18:52 +0200, ummeegge wrote:
>> Hi all,
>> i wanted to ask you all what are you thinking to integrate Ulogd --> http://ww
>> w.netfilter.org/projects/ulogd/ into IPfire environment ? This would include
>> modification in the kernel config but also the libnetfilter_log and
>> libnetfilter_acct packages.
>> Since Ben made already a commit for this some time ago an inside of the
>> potential work can be overseen in here --> http://git.ipfire.org/?p=people/tri
>> kolon/ipfire-2.x.git;a=commit;h=e3f803b702a39c5004cf3e614f4bc2307f576a3c .
>>
>> Have tested this also in a Pmacctd --> http://www.pmacct.net/ environment
>> which makes a good impression.
>>
>> Greetings,
>>
>> Erik
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 842 bytes --]
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2016-06-10 5:57 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-06-08 16:52 Ulogd ummeegge
2016-06-09 11:28 ` Ulogd Michael Tremer
2016-06-10 5:57 ` Ulogd ummeegge
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox