[prev in list] [next in list] [prev in thread] [next in thread] 

List:       netfilter
Subject:    Re: Log statement seems to be not working
From:       darius <dram () mailbox ! org>
Date:       2018-04-07 10:30:06
Message-ID: 05dc90c7-c1b1-25d3-3b2b-415fa74e8ac9 () mailbox ! org
[Download RAW message or body]

Anyone? This was the last question and topic could be closed. I really
can't find anything on the internet regarding that. Family number 2
corresponds to IPv4 and logging library shall be activated, not only
available as in my case. But for some reason logging is working without
any problems. I would really like to know what is real meaning behind
/proc/net/netfilter/nf_log.

On 05-04-2018 21:47, darius wrote:
> Ok, problem was solved with correct configuration of ulogd. Everything
> works fine, but for come reason 'cat /proc/net/netfilter/nf_log' still
> shows:
> 
> 0 NONE (nfnetlink_log)
> 1 NONE (nfnetlink_log)
> 2 NONE (nfnetlink_log)
> 3 NONE (nfnetlink_log)
> 4 NONE (nfnetlink_log)
> 5 NONE (nfnetlink_log)
> 6 NONE (nfnetlink_log)
> 7 NONE (nfnetlink_log)
> 8 NONE (nfnetlink_log)
> 9 NONE (nfnetlink_log)
> 10 NONE (nfnetlink_log)
> 11 NONE (nfnetlink_log)
> 12 NONE (nfnetlink_log)
> 
> Shouldn't it be 'nfnetlink_log' active at least for family number 2?
> 
> On 23-03-2018 22:32, darius wrote:
> > Thanks for the help. I will try ulogd and see if it works in my case,
> > but I'm more than sure it will. I'll get back with results.
> > 
> > On 22-03-2018 14:41, Raymond Burkholder wrote:
> > > > Ok, it was nf_log_ipv4, but it is a part of iptables. I can get nf_log_ipv4
> > > > installed only if I select XT tables and LOG matching for iptables, so means
> > > > that some core components of iptables also comes to the installation. I would
> > > > like to use only nfnetling_log for logging, but if I try to execute this \
> > > > command 'echo "nfnetlink_log" /proc/sys/net/netfilter/nf_log/2', then I get \
> > > > error, that wirte cannot be executed. Should I then necessarily have ulogd \
> > > > installed on my system in order to be able to use nfnetlink logging?
> > > I run ulogd on my systems.  Is light weight and functional.  I was going to \
> > > suggest that way early in your thread, but didn't get around to it. 
> > > These are the related installed modules:
> > > 
> > > # lsmod |grep nf|grep log
> > > nft_log                16384  49
> > > nf_tables             106496  510 \
> > > nft_ct,nft_chain_nat_ipv4,nf_tables_arp,nf_tables_ipv4,nft_masq,nft_meta,nft_masq_ipv4,nft_counter,nft_log
> > >  nfnetlink_log          20480  50
> > > nfnetlink              16384  9 nfnetlink_log,nf_conntrack_netlink,nf_tables
> > > 
> > > 
> > --
> > To unsubscribe from this list: send the line "unsubscribe netfilter" in
> > the body of a message to majordomo@vger.kernel.org
> > More majordomo info at  http://vger.kernel.org/majordomo-info.html
> 
> --
> To unsubscribe from this list: send the line "unsubscribe netfilter" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html

--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html


[prev in list] [next in list] [prev in thread] [next in thread]