Anyone? This was the last question and topic could be closed. I really can't find anything on the internet regarding that. Family number 2 corresponds to IPv4 and logging library shall be activated, not only available as in my case. But for some reason logging is working without any problems. I would really like to know what is real meaning behind /proc/net/netfilter/nf_log. On 05-04-2018 21:47, darius wrote: > Ok, problem was solved with correct configuration of ulogd. Everything > works fine, but for come reason 'cat /proc/net/netfilter/nf_log' still > shows: > > 0 NONE (nfnetlink_log) > 1 NONE (nfnetlink_log) > 2 NONE (nfnetlink_log) > 3 NONE (nfnetlink_log) > 4 NONE (nfnetlink_log) > 5 NONE (nfnetlink_log) > 6 NONE (nfnetlink_log) > 7 NONE (nfnetlink_log) > 8 NONE (nfnetlink_log) > 9 NONE (nfnetlink_log) > 10 NONE (nfnetlink_log) > 11 NONE (nfnetlink_log) > 12 NONE (nfnetlink_log) > > Shouldn't it be 'nfnetlink_log' active at least for family number 2? > > On 23-03-2018 22:32, darius wrote: >> Thanks for the help. I will try ulogd and see if it works in my case, >> but I'm more than sure it will. I'll get back with results. >> >> On 22-03-2018 14:41, Raymond Burkholder wrote: >>>> Ok, it was nf_log_ipv4, but it is a part of iptables. I can get nf_log_ipv4 >>>> installed only if I select XT tables and LOG matching for iptables, so means >>>> that some core components of iptables also comes to the installation. I would >>>> like to use only nfnetling_log for logging, but if I try to execute this command >>>> 'echo "nfnetlink_log" /proc/sys/net/netfilter/nf_log/2', then I get error, that >>>> wirte cannot be executed. Should I then necessarily have ulogd installed on >>>> my system in order to be able to use nfnetlink logging? >>> I run ulogd on my systems. Is light weight and functional. I was going to suggest that way early in your thread, but didn't get around to it. >>> >>> These are the related installed modules: >>> >>> # lsmod |grep nf|grep log >>> nft_log 16384 49 >>> nf_tables 106496 510 nft_ct,nft_chain_nat_ipv4,nf_tables_arp,nf_tables_ipv4,nft_masq,nft_meta,nft_masq_ipv4,nft_counter,nft_log >>> nfnetlink_log 20480 50 >>> nfnetlink 16384 9 nfnetlink_log,nf_conntrack_netlink,nf_tables >>> >>> >> -- >> To unsubscribe from this list: send the line "unsubscribe netfilter" in >> the body of a message to majordomo@xxxxxxxxxxxxxxx >> More majordomo info at http://vger.kernel.org/majordomo-info.html > > -- > To unsubscribe from this list: send the line "unsubscribe netfilter" in > the body of a message to majordomo@xxxxxxxxxxxxxxx > More majordomo info at http://vger.kernel.org/majordomo-info.html -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
