From mboxrd@z Thu Jan 1 00:00:00 1970 From: ummeegge To: development@lists.ipfire.org Subject: Re: Ulogd Date: Fri, 10 Jun 2016 07:57:44 +0200 Message-ID: <9C65B97F-9A45-432D-A4A4-FB53E537D1C9@ipfire.org> In-Reply-To: <1465471735.24121.135.camel@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============2523271511215653177==" List-Id: --===============2523271511215653177== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Hi Michael, a benefit could be extend the logging mechanisms in IPFire. Since Ulogd2 is a= modular userspace logging daemon which includes per-packet logging of securi= ty violations, per-packet logging for accounting, per-flow logging and flexib= le user-defined accounting, it might be possibly interesting to have another = way in IPFire beneath the traditional IPFire logging system. In conjunction w= ith nfacct --> http://netfilter.org/projects/nfacct/ for example it should al= so be possible to use a flexible user-defined traffic accounting environment = for different purposes. There are output variations included like file based logging (Syslog, File, P= CAP and NACCT) but also the usage of databases (Sqlite or MySQL) is possible.= Ulogd2 have also a fast plugin architecture for the entries, the output but= also for filtering in many ways. There are some network plugins for IPFIX or= even GRAPHITE available but i have seen also some other interesting projects= to visualize the IPTable events over Ulogd2 in different and detailed ways. I was looking for extending Syskjlogd, i gave Rsyslog also a try which might = also be interesting but there is the need for some other not so lightweight d= ependencies like libestr json-c (libfastjson) liblogging (in minimum) but als= o less possibilities then Ulogd2 as far as i can see. Not sure if all that matters for IPFire but i nevertheless wanted to send you= an reference or even a question of what are you thinking about all that espe= cially cause we have already an first idea from Ben of how to build it in Git. A nice and short overview of what Ulogd2 is can also be found in here --> htt= ps://home.regit.org/wp-content/uploads/2013/03/ulogd2.pdf . Greetings, Erik Am 09.06.2016 um 13:28 schrieb Michael Tremer : > And what would this be good for? >=20 > On Wed, 2016-06-08 at 18:52 +0200, ummeegge wrote: >> Hi all, >> i wanted to ask you all what are you thinking to integrate Ulogd --> http:= //ww >> w.netfilter.org/projects/ulogd/ into IPfire environment ? This would inclu= de >> modification in the kernel config but also the libnetfilter_log and >> libnetfilter_acct packages. >> Since Ben made already a commit for this some time ago an inside of the >> potential work can be overseen in here --> http://git.ipfire.org/?p=3Dpeop= le/tri >> kolon/ipfire-2.x.git;a=3Dcommit;h=3De3f803b702a39c5004cf3e614f4bc2307f576a= 3c . >>=20 >> Have tested this also in a Pmacctd --> http://www.pmacct.net/ environment >> which makes a good impression. >>=20 >> Greetings, >>=20 >> Erik --===============2523271511215653177== Content-Type: application/pgp-signature Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="signature.asc" MIME-Version: 1.0 LS0tLS1CRUdJTiBQR1AgU0lHTkFUVVJFLS0tLS0KQ29tbWVudDogR1BHVG9vbHMgLSBodHRwczov L2dwZ3Rvb2xzLm9yZwoKaVFJY0JBRUJDZ0FHQlFKWFdsYmlBQW9KRUlQaWh4WDVKOGpuMWJRUC8z cHRxd1RDSW1zeFhmekMyNUVHbXllKwpYdVU2dHlSTDhQdW0wYVNqa2NRa1JmdC82UnZzSTEybUxq ZnRLOGJML0tnUmlwZHhxOE41NWdUcGEwL3JrVjltCjJ6SERPSXhyMTVSeTZVMUQ0OUorQ3gvQk1O d1hZYmRpU1RUQ3A2V3o0eWdKWXNUK0NJRTAzYUo5eXVKVjhtOVEKUTNpcFdYeU5KOXdLeTdpRWxx VFJGQ1NwclhWbHpERC9oREpWcHd3Z1hzeDB6dDdTaVJXVVZZNkNoTjhnaVZNQgoreDdNUVRiTzlF ZkhHci9MMjhrTGxJQUpsdjFDS1hTa3Q0ZGNEbE9zTEJyd05nS0xiZ3c4WkJwRGhMcEpZeDNKCjMr aGZQQzNCam5WSnk1bzNpSVdXT0xFT3lPYmwxVmYyL1BtQkErV3dqQ1hTR1Rud3dpcXhTOGlJWG5M QzNlRkQKOXJ5SXpvdW1OTm9ITURUQVVySXd2MjV3UksxMy9Kc1RVeDhWNHBjK0VEVlVCQXlZR1Vx TFFqU0x6S0x6aGNzWgphbDMvNnlSeUVDeHFlUU5SaC9IbzRQeEQraE5KMGlXT2lvYnlOTGlrNFp4 dHFhM0tNMnVpWmRobS9qUCszUFlICmFjRGdXcG94b2pSN3N4R25OVUxBOU9mN25LQll0MEw0ZTYx QThyVnh0a080d3FOLzl5NmhKZm9yOXlNQmJBL0kKKzJpRXdMbUh0QVlpQldDVWVqRGE0dWZqK1Nj TXNYUG5vT09jODNEVTBLMDNiMjFXSExDejBVV3A4bW51M0JQTQoxaXpxSnJVSzRuS3NuN1AyY3VC V1BNL2JyM0RVNmthUU5RMmZScFpGTy9ncndhdjJVQ2oydGFsOHNkWFZwVllGCmcvbGJ6ZGhvay9M S3A0T2VjTmxwCj0xeDljCi0tLS0tRU5EIFBHUCBTSUdOQVRVUkUtLS0tLQo= --===============2523271511215653177==--