#6 closed enhancement (fixed)
Ulog or libnetfilter_log support to replace syslog
| Reported by: | Victor Julien | Owned by: | Fred Leeflang |
|---|---|---|---|
| Priority: | major | Milestone: | 0.8 |
| Component: | suite | Version: | |
| Keywords: | Cc: | Fred Leeflang |
Description
Syslog component is hard to setup for many users and a bit redundant because it logs to a file where vuurmuur_log picks it up and after converting, logs it again.
Change History (13)
comment:1 by , 16 years ago
| Type: | defect → enhancement |
|---|
comment:2 by , 15 years ago
| Owner: | changed from to |
|---|
comment:3 by , 15 years ago
| Status: | new → assigned |
|---|
comment:4 by , 15 years ago
| Milestone: | 0.7 → undecided |
|---|
comment:5 by , 14 years ago
| Milestone: | undecided → 0.9 |
|---|
comment:6 by , 13 years ago
| Cc: | added |
|---|
comment:7 by , 13 years ago
| Owner: | changed from to |
|---|---|
| Status: | assigned → new |
comment:8 by , 13 years ago
| Component: | vuurmuur → suite |
|---|
comment:9 by , 13 years ago
| Status: | new → assigned |
|---|
I've started working on this in the branches/vuurmuur-ulog branch.
comment:10 by , 13 years ago
The configuration option works in the ulog branch's 'Vuurmuur Config -> Logging' now. The sample config.conf has examples. If the RULE_NFLOG and NFGRP parameters are not in config.conf, vuurmuur_conf on startup will notify the user and set RULE_NFLOG and NFGRP to their defaults ("Yes" and "8").
comment:11 by , 13 years ago
| Milestone: | 1.0 → 0.9 |
|---|---|
| Resolution: | → fixed |
| Status: | assigned → closed |
All the code for this is now in the vuurmuur-ulog branch. This branch should be merged into main after 0.8 has been released.
comment:12 by , 13 years ago
I've been thinking on how to document this as it's probably in milestone 0.9 only and with 0.8 not even out the door yet it could be a while before this is available to the general public. I've written an article on http://wordpress.3dn.nl/2009/11/25/iptabes-nflog-support-in-vuurmuur/ but I figured documentation for this should also be here.
comment:13 by , 10 years ago
| Milestone: | 0.9 → 0.8 |
|---|
I'm just realizing that the inotify effort I've been putting into vuurmuur_conf for ticket #72 is basically trying to get some control over logfiles vuurmuur already controls! The log viewing of vuurmuur_conf 'tails' the vuurmuur logfiles which are created and controlled by vuurmuur_log. So unless we let some other mechanism like logrotate.d scripts rotate those files we already have full control over our own logfiles.
So I started digging around some more into vuurmuur_log itself and found this ticket which seems quite interesting. I'd like to put some effort into this one too if tigerp agrees.