
ULOGD and iptables -j ULOG?

I would like to log iptables -j LOG to something like local5 rather than to
messages. However, based on my reading of the doco I do not see a way to
change the logging facility for iptables.

The iptables man talks about a -j ULOG. However, searches for information on
how to use it (with specific examples) have met with no success. I have found
a program called ulogd which supposedly will allow one to use ULOG to log
packets to a plaintext file or mysql. Efforts to do a make on it have also met
with no success. Evidently, the components needed to support ULOG in iptables
were not included in the kernel on the CDs?

Here are the error messages:

[admin www ulogd-1.00]$ make
make[1]: Entering directory `/home/admin/rpms/BUILD/ulogd-1.00/conffile'
make[1]: Nothing to be done for `all'.
make[1]: Leaving directory `/home/admin/rpms/BUILD/ulogd-1.00/conffile'
make[1]: Entering directory `/home/admin/rpms/BUILD/ulogd-1.00/libipulog'
gcc -g -O2   -DULOGD_CONFIGFILE=\"/usr/local/etc/ulogd.conf\"
-I/usr/src/linux/include -Iinclude -I/usr/src/linux/include -c libipulog.c -o
In file included from libipulog.c:32:
include/libipulog/libipulog.h:15:43: linux/netfilter_ipv4/ipt_ULOG.h: No such
file or directory
In file included from libipulog.c:32:
include/libipulog/libipulog.h:34: parse error before '*' token
include/libipulog/libipulog.h:36: warning: data definition has no type or
storage class
libipulog.c: In function `ipulog_create_handle':
libipulog.c:154: `NETLINK_NFLOG' undeclared (first use in this function)
libipulog.c:154: (Each undeclared identifier is reported only once
libipulog.c:154: for each function it appears in.)
libipulog.c: At top level:
libipulog.c:204: parse error before '*' token
make[1]: *** [libipulog.o] Error 1
make[1]: Leaving directory `/home/admin/rpms/BUILD/ulogd-1.00/libipulog'
make: *** [recurse] Error 1

[admin www ulogd-1.00]$ locate ipt_ulog.h

[admin www ulogd-1.00]$ locate ulog

Anyone have any ideas on how I can get the -j LOG action to put the results in
/var/log/packets rather than as kernel in /var/log/messages?


