ULOGD and iptables -j ULOG?




I would like to log iptables -j LOG to something like local5 rather than to
messages. However, based on my reading of the doco I do not see a way to
change the logging facility for iptables.

The iptables man talks about a -j ULOG. However, searches for information on
how to use it (with specific examples) have met with no success. I have found
a program called ulogd which supposedly will allow one to use ULOG to log
packets to a plaintext file or mysql. Efforts to do a make on it have also met
with no success. Evidently, the components needed to support ULOG in iptables
were not included in the kernel on the CDs?

Here are the error messages:

[admin@xxx ulogd-1.00]$ make
make[1]: Entering directory `/home/admin/rpms/BUILD/ulogd-1.00/conffile'
make[1]: Nothing to be done for `all'.
make[1]: Leaving directory `/home/admin/rpms/BUILD/ulogd-1.00/conffile'
make[1]: Entering directory `/home/admin/rpms/BUILD/ulogd-1.00/libipulog'
gcc -g -O2   -DULOGD_CONFIGFILE=\"/usr/local/etc/ulogd.conf\"
-I/usr/src/linux/include -Iinclude -I/usr/src/linux/include -c libipulog.c -o
libipulog.o
In file included from libipulog.c:32:
include/libipulog/libipulog.h:15:43: linux/netfilter_ipv4/ipt_ULOG.h: No such
file or directory
In file included from libipulog.c:32:
include/libipulog/libipulog.h:34: parse error before '*' token
include/libipulog/libipulog.h:36: warning: data definition has no type or
storage class
libipulog.c: In function `ipulog_create_handle':
libipulog.c:154: `NETLINK_NFLOG' undeclared (first use in this function)
libipulog.c:154: (Each undeclared identifier is reported only once
libipulog.c:154: for each function it appears in.)
libipulog.c: At top level:
libipulog.c:204: parse error before '*' token
make[1]: *** [libipulog.o] Error 1
make[1]: Leaving directory `/home/admin/rpms/BUILD/ulogd-1.00/libipulog'
make: *** [recurse] Error 1

[admin@xxx ulogd-1.00]$ locate ipt_ulog.h

[admin@xxx ulogd-1.00]$ locate ulog

Anyone have any ideas on how I can get the -j LOG action to put the results in
/var/log/packets rather than as kernel in /var/log/messages?

Thanks.

Mike





-- 
Psyche-list mailing list
Psyche-list@xxxxxxxxxx
https://listman.redhat.com/mailman/listinfo/psyche-list
