Thanks for the help. I will try ulogd and see if it works in my case, but I'm more than sure it will. I'll get back with results. On 22-03-2018 14:41, Raymond Burkholder wrote: >> Ok, it was nf_log_ipv4, but it is a part of iptables. I can get nf_log_ipv4 >> installed only if I select XT tables and LOG matching for iptables, so means >> that some core components of iptables also comes to the installation. I would >> like to use only nfnetling_log for logging, but if I try to execute this command >> 'echo "nfnetlink_log" /proc/sys/net/netfilter/nf_log/2', then I get error, that >> wirte cannot be executed. Should I then necessarily have ulogd installed on >> my system in order to be able to use nfnetlink logging? > I run ulogd on my systems. Is light weight and functional. I was going to suggest that way early in your thread, but didn't get around to it. > > These are the related installed modules: > > # lsmod |grep nf|grep log > nft_log 16384 49 > nf_tables 106496 510 nft_ct,nft_chain_nat_ipv4,nf_tables_arp,nf_tables_ipv4,nft_masq,nft_meta,nft_masq_ipv4,nft_counter,nft_log > nfnetlink_log 20480 50 > nfnetlink 16384 9 nfnetlink_log,nf_conntrack_netlink,nf_tables > > -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
