Am 09.10.2015 um 17:21 schrieb Erich Titl:
> Hi Folks
>
> I am trying to log using netlink as a backend and the NFLOG ulogd combo.
>
> I can see that shorewall includes NFLOG as log target into the iptable
> rules, but ulogd is not impressed. I appear to be stuck with this as I
> don't know where to continue diagnosis.
>
Finally got it, the nflog-group settings did not match, unfortunately I
have not been able to find the NFLOG parameter settings explained for
shorewall, so here is the hint for those who can't find them (like me)
WHATEVER_LEVEL=NFLOG(group,range,threshold)
And here it is
NFLOG target reference
--nflog-group N
The number of the netlink multicast group to which NFLOG'ed packets
are sent. You will have to use the same group number in the NFLOG target
and ulogd in order to make logging work.
Sorry for the noise
Erich
------------------------------------------------------------------------------
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
