similar to: ULOGD and Snort Inline

https://bugzilla.netfilter.org/show_bug.cgi?id=986 Bug ID: 986 Summary: ulogd fails to build against linux headers >= 3.17.0 due to ULOG target removal Product: ulogd Version: SVN (please provide timestamp) Hardware: x86_64 OS: Gentoo Status: NEW Severity: major Priority:

FYI. I have not been able to determine 100% that logrotate does this, but ulogd appears to stop logging whenever logrotate runs. So far, the only obvious commonality that I see is that logrotate ran and that the /var/log/ulogd/ulogd.syslogemu is completely empty until I restart ulogd. I have proven that the logging is broken by manually performing a network operation that Shorewall normally

--/aVve/J9H4Wl5yVO Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi Everybody! I had to change the ulog.patch in recent patch-o-matic to use a different netlink family (it's now 5 instead of 4). This means, you will have to recompile your ulogd or any other application in order to make it work. That's also why I have

hi. ulogd.c use 1.23 as its version while it is shipped with ulog 1.24 moreover ulogd does not log anymore in ulogd.log like ulogd 1.23 did

quick background: RH9 (2.4.20-19.9) Shorewall 1.4.6a-1 ulogd 1.00 Shorewall is working properly. I''ve followed the FAQ instructions and everything appears to be setup correctly. The problem is that I''m trying to get ulog going...but I''m getting: # service ulogd status ulogd dead but subsys locked I''m not sure if I was suppose to, but I also manually created

Hi Guys I have install ulog and shorewall and edit the shorewall config file to use ulogd for logging, I have also compiled ulogd support into the kernel however I still cannot get shorewall to log through ulogd to file. It keeps dumping info to console. Any assistance would be appreciated. Thanks Craig

I am looking for ulog-2.0.x packages and the best I have been able to find [for CentOS6] has been ulog-2.0.0 (which is not an exciting prospect for .0 reasons). Is anyone aware of ulogd packages for CentOS6 [x86_64]? I am kind of surprised this isn't standard fair. -- Adam Tauno Williams <mailto:awilliam at whitemice.org> GPG D95ED383 Systems Administrator, Python Developer, LPI /

--+HwY7O+GdaLKMYOv Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi! I have finally released Version 1.00 of the iptables userspace logging daemon (ulogd).=20 After being around for almost three years, and receiving lots of positive reports, I have decided to make this new release the 1.00 release, the first official stable

--J2SCkAp4GZ/dPZZf Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi All! I have just released a new version of ulogd, the userspace logging deamon meant to be used in combination with the ULOG target of netfilter/iptables patch-o-matic. This new release contains a bugfix, where in certain cases ulogd ran into an endless loop,

https://bugzilla.netfilter.org/show_bug.cgi?id=977 Netbug <b1b30ee4 at opayq.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |REOPENED Resolution|INVALID |--- --- Comment #27 from Netbug <b1b30ee4 at opayq.com>

I''m trying to get Shorewall to use ulogd for logging, but I''m not seeing any logging in either the file I set up for logs, nor in /var/log/messages (where the logs used to be). I''m running a stock Debian 3.0 woody system, with a custom 2.4.21 kernel. I used all the settings as described on shorewall.net when configuring the kernel. ulogd (0.97-1) and shorewall

Hi! I have released version 1.21 of the iptables userspace logging daemon (ulogd). This release is a minur bugfix update to the 'brown paper bag' release 1.20. 1.20 was probably one of the last 'new feature' updates for ulogd, since I'm already working on ulogd2, which includes support for plugin stacks, IPFIX and ct_acct. The new Version is available as tar.bz2 only and can

https://bugzilla.netfilter.org/show_bug.cgi?id=1232 Bug ID: 1232 Summary: Ulogd2 Failed Startup on VPS Product: ulogd Version: SVN (please provide timestamp) Hardware: x86_64 OS: Debian GNU/Linux Status: NEW Severity: major Priority: P5 Component: ulogd Assignee:

Going deeper on last post "[Shorewall-users] logging", I found a very nice package that handles ULOG messages in a web interface, where you can browse the events from a MySql database produced by ULOGD. Real time. The name is: ULOGD-PHP From the site: ------------------------------------------- ulogd-php is able to : show the last hosts that broke packets on your firewall. show the

http://bugzilla.netfilter.org/show_bug.cgi?id=793 Summary: ulogd -d does not close all fds Product: ulogd Version: SVN (please provide timestamp) Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: ulogd AssignedTo: netfilter-buglog at lists.netfilter.org

Hi All, I am adding ip_queue module for snort inline IDS. I am using snort2.4.0 And iptables-1.3.4. Userspace Queuing(queue target) is enabled. It is built-in and not built as a module. The output of /proc/net/ip_queue is shown below: cat /proc/net/ip_queue> Peer PID : 0 Copy mode : 0 Copy range : 0 Queue length : 0 Queue max. length : 1024 IPTABLES 1.3.4 is

I figured that someone reading this list might want to take a look at the proceeding, considering that the version of Snort in FreeBSD ports -is- affected. -----Forwarded Message----- > From: CERT Advisory <cert-advisory@cert.org> > To: cert-advisory@cert.org > Subject: CERT Advisory CA-2003-13 Multiple Vulnerabilities in Snort Preprocessors > Date: 17 Apr 2003 11:30:47 -0400

https://bugzilla.netfilter.org/show_bug.cgi?id=871 Summary: Running two instances of ulog causes abort in libnfnetlink Product: ulogd Version: SVN (please provide timestamp) Platform: All OS/Version: All Status: NEW Severity: critical Priority: P5 Component: ulogd AssignedTo:

Anywhere that a syslog level can appear, you can now specify ULOG (must be upper case) and logging will occur to the ulog target. You can download ulogd from http://www.gnumonks.org/projects/ulogd. Only the ''firewall'' file is required. None of the comments in the other config files are updated yet but I''m working on it. -Tom -- Tom Eastep \ Shorewall - iptables

Plus I would like to let you know that it works like a charm. Snort can now see those packets. -----Original Message----- From: shorewall-users-bounces@lists.shorewall.net [mailto:shorewall-users-bounces@lists.shorewall.net] On Behalf Of Thibodeau, Jamie L. Sent: Wednesday, March 30, 2005 9:25 AM To: Mailing List for Shorewall Users Subject: RE: [Shorewall-users] Shorewall and an inline