Hello community,
here is the log from the commit of package ulogd for openSUSE:Factory checked in at 2014-04-26 10:12:01
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/ulogd (Old)
and /work/SRC/openSUSE:Factory/.ulogd.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "ulogd"
Changes:
--------
--- /work/SRC/openSUSE:Factory/ulogd/ulogd.changes 2013-11-30 16:23:24.000000000 +0100
+++ /work/SRC/openSUSE:Factory/.ulogd.new/ulogd.changes 2014-04-26 10:12:01.000000000 +0200
@@ -1,0 +2,7 @@
+Fri Apr 18 12:37:59 UTC 2014 - jengelh@inai.de
+
+- Update to new upstream release 2.0.4
+* ulogd 2.0.4 features a new JSON output plugin allowing easy
+ integration with log management systems.
+
+-------------------------------------------------------------------
Old:
----
ulogd-2.0.3.tar.bz2
ulogd-2.0.3.tar.bz2.sig
New:
----
ulogd-2.0.4.tar.bz2
ulogd-2.0.4.tar.bz2.sig
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ ulogd.spec ++++++
--- /var/tmp/diff_new_pack.gOnGYj/_old 2014-04-26 10:12:02.000000000 +0200
+++ /var/tmp/diff_new_pack.gOnGYj/_new 2014-04-26 10:12:02.000000000 +0200
@@ -1,7 +1,7 @@
#
# spec file for package ulogd
#
-# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -17,7 +17,7 @@
Name: ulogd
-Version: 2.0.3
+Version: 2.0.4
Release: 0
Summary: Userspace logging for Netfilter
License: GPL-2.0
@@ -125,13 +125,13 @@
mkdir -p "$b/var/log/ulogd";
mkdir -p "$b/%_sysconfdir";
install -pm0644 ulogd.conf "$b/%_sysconfdir/";
-mkdir -p "$b/%_initrddir" "$b/%_sbindir";
-install -pm0755 "%{S:3}" "$b/%_initrddir/%name";
-ln -s "%_initrddir/%name" "$b/%_sbindir/rc%name";
-
%if 0%{?_unitdir:1}
mkdir -p "$b/%_unitdir";
install -pm0644 "%{S:4}" "$b/%_unitdir";
+%else
+mkdir -p "$b/%_initrddir" "$b/%_sbindir";
+install -pm0755 "%{S:3}" "$b/%_initrddir/%name";
+ln -s "%_initrddir/%name" "$b/%_sbindir/rc%name";
%endif
%pre
@@ -141,16 +141,13 @@
%service_add_pre ulogd.service
%endif
-%post
%if 0%{?_unitdir:1}
+%post
%service_add_post ulogd.service
%endif
-%preun
-%if 0%{?suse_version}
-%stop_on_removal ulogd
-%endif
%if 0%{?_unitdir:1}
+%preun
%service_del_preun ulogd.service
%endif
@@ -165,9 +162,7 @@
%files
%defattr(-,root,root)
%config(noreplace) %_sysconfdir/ulogd.conf
-%_initddir/%name
%_sbindir/ulogd
-%_sbindir/rc%name
%dir %_libdir/%name
%_libdir/%name/ulogd_[fir]*.so*
%_libdir/%name/ulogd_output_GRAPHITE.so*
@@ -181,6 +176,9 @@
%attr(0750,ulogd,root) /var/log/ulogd
%if 0%{?_unitdir:1}
%_unitdir/ulogd.service
+%else
+%_initddir/%name
+%_sbindir/rc%name
%endif
# These are the dependency-heavy things:
++++++ ulogd-2.0.3.tar.bz2 -> ulogd-2.0.4.tar.bz2 ++++++
++++ 1862 lines of diff (skipped)
++++ retrying with extended exclude list
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/ulogd-2.0.3/build-aux/missing new/ulogd-2.0.4/build-aux/missing
--- old/ulogd-2.0.3/build-aux/missing 2013-11-19 19:32:15.000000000 +0100
+++ new/ulogd-2.0.4/build-aux/missing 2014-03-23 16:39:32.000000000 +0100
@@ -1,7 +1,7 @@
#! /bin/sh
# Common wrapper for a few potentially missing GNU programs.
-scriptversion=2012-06-26.16; # UTC
+scriptversion=2013-10-28.13; # UTC
# Copyright (C) 1996-2013 Free Software Foundation, Inc.
# Originally written by Fran,cois Pinard , 1996.
@@ -160,7 +160,7 @@
;;
autom4te*)
echo "You might have modified some maintainer files that require"
- echo "the 'automa4te' program to be rebuilt."
+ echo "the 'autom4te' program to be rebuilt."
program_details 'autom4te'
;;
bison*|yacc*)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/ulogd-2.0.3/config.h.in new/ulogd-2.0.4/config.h.in
--- old/ulogd-2.0.3/config.h.in 2013-11-19 19:32:15.000000000 +0100
+++ new/ulogd-2.0.4/config.h.in 2014-03-23 16:39:31.000000000 +0100
@@ -34,9 +34,6 @@
/* Define to 1 if you have the `pq' library (-lpq). */
#undef HAVE_LIBPQ
-/* Define to 1 if you have the `pthread' library (-lpthread). */
-#undef HAVE_LIBPTHREAD
-
/* Define to 1 if you have the header file. */
#undef HAVE_MEMORY_H
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/ulogd-2.0.3/configure.ac new/ulogd-2.0.4/configure.ac
--- old/ulogd-2.0.3/configure.ac 2013-11-18 23:34:03.000000000 +0100
+++ new/ulogd-2.0.4/configure.ac 2014-03-23 16:30:50.000000000 +0100
@@ -1,5 +1,5 @@
dnl Process this file with autoconf to produce a configure script.
-AC_INIT([ulogd], [2.0.3])
+AC_INIT([ulogd], [2.0.4])
AC_PREREQ([2.50])
AC_CONFIG_AUX_DIR([build-aux])
AM_INIT_AUTOMAKE([-Wall foreign tar-pax no-dist-gzip dist-bzip2 1.10b])
@@ -39,7 +39,8 @@
regular_CFLAGS="-Wall -Wextra -Wno-unused-parameter"
AC_SUBST([regular_CFLAGS])
-AC_CHECK_LIB(pthread, pthread_create)
+AC_SEARCH_LIBS([pthread_create], [pthread], [libpthread_LIBS="$LIBS"; LIBS=""])
+AC_SUBST([libpthread_LIBS])
dnl Check for the right nfnetlink version
PKG_CHECK_MODULES([LIBNFNETLINK], [libnfnetlink >= 1.0.1])
@@ -116,6 +117,17 @@
enable_pcap="no"
fi
+AC_ARG_WITH([jansson], AS_HELP_STRING([--without-jansson], [Build without JSON output plugin [default=test]]))
+AS_IF([test "x$with_jansson" != "xno"], [
+ PKG_CHECK_MODULES([libjansson], [jansson], [], [:])
+])
+AM_CONDITIONAL([HAVE_JANSSON], [test -n "$libjansson_LIBS"])
+if test "x$libjansson_LIBS" != "x"; then
+ enable_jansson="yes"
+else
+ enable_jansson="no"
+fi
+
dnl AC_SUBST(DATABASE_DIR)
dnl AC_SUBST(DATABASE_LIB)
dnl AC_SUBST(DATABASE_LIB_DIR)
@@ -151,5 +163,6 @@
MySQL plugin: ${enable_mysql}
SQLITE3 plugin: ${enable_sqlite3}
DBI plugin: ${enable_dbi}
+ JSON plugin: ${enable_jansson}
"
echo "You can now run 'make' and 'make install'"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/ulogd-2.0.3/filter/raw2packet/ulogd_raw2packet_BASE.c new/ulogd-2.0.4/filter/raw2packet/ulogd_raw2packet_BASE.c
--- old/ulogd-2.0.3/filter/raw2packet/ulogd_raw2packet_BASE.c 2013-06-18 22:52:50.000000000 +0200
+++ new/ulogd-2.0.4/filter/raw2packet/ulogd_raw2packet_BASE.c 2014-03-23 16:30:50.000000000 +0100
@@ -259,6 +259,7 @@
.vendor = IPFIX_VENDOR_IETF,
.field_id = IPFIX_tcpSourcePort,
},
+ .cim_name = "src_port",
},
[KEY_TCP_DPORT] = {
.type = ULOGD_RET_UINT16,
@@ -268,6 +269,7 @@
.vendor = IPFIX_VENDOR_IETF,
.field_id = IPFIX_tcpDestinationPort,
},
+ .cim_name = "dest_port",
},
[KEY_TCP_SEQ] = {
.type = ULOGD_RET_UINT32,
@@ -368,6 +370,7 @@
.vendor = IPFIX_VENDOR_IETF,
.field_id = IPFIX_udpSourcePort,
},
+ .cim_name = "src_port",
},
[KEY_UDP_DPORT] = {
.type = ULOGD_RET_UINT16,
@@ -377,6 +380,7 @@
.vendor = IPFIX_VENDOR_IETF,
.field_id = IPFIX_udpDestinationPort,
},
+ .cim_name = "dest_port",
},
[KEY_UDP_LEN] = {
.type = ULOGD_RET_UINT16,
@@ -512,12 +516,14 @@
[KEY_SCTP_SPORT] = {
.type = ULOGD_RET_UINT16,
.flags = ULOGD_RETF_NONE,
- .name = "sctp.sport",
+ .name = "sctp.sport",
+ .cim_name = "src_port",
},
[KEY_SCTP_DPORT] = {
.type = ULOGD_RET_UINT16,
.flags = ULOGD_RETF_NONE,
- .name = "sctp.dport",
+ .name = "sctp.dport",
+ .cim_name = "dest_port",
},
[KEY_SCTP_CSUM] = {
.type = ULOGD_RET_UINT32,
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/ulogd-2.0.3/filter/ulogd_filter_IP2STR.c new/ulogd-2.0.4/filter/ulogd_filter_IP2STR.c
--- old/ulogd-2.0.3/filter/ulogd_filter_IP2STR.c 2013-06-18 22:52:50.000000000 +0200
+++ new/ulogd-2.0.4/filter/ulogd_filter_IP2STR.c 2014-03-23 16:30:50.000000000 +0100
@@ -102,18 +102,22 @@
{
.type = ULOGD_RET_STRING,
.name = "ip.saddr.str",
+ .cim_name = "src_ip",
},
{
.type = ULOGD_RET_STRING,
.name = "ip.daddr.str",
+ .cim_name = "dest_ip",
},
{
.type = ULOGD_RET_STRING,
.name = "orig.ip.saddr.str",
+ .cim_name = "src_ip",
},
{
.type = ULOGD_RET_STRING,
.name = "orig.ip.daddr.str",
+ .cim_name = "dest_ip",
},
{
.type = ULOGD_RET_STRING,
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/ulogd-2.0.3/include/ulogd/db.h new/ulogd-2.0.4/include/ulogd/db.h
--- old/ulogd-2.0.3/include/ulogd/db.h 2013-06-18 22:52:50.000000000 +0200
+++ new/ulogd-2.0.4/include/ulogd/db.h 2014-03-23 16:30:50.000000000 +0100
@@ -65,7 +65,7 @@
#define TIME_ERR ((time_t)-1) /* Be paranoid */
#define RECONNECT_DEFAULT 2
#define MAX_ONESHOT_REQUEST 10
-#define RING_BUFFER_DEFAULT_SIZE 10
+#define RING_BUFFER_DEFAULT_SIZE 0
#define DB_CES \
{ \
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/ulogd-2.0.3/include/ulogd/printpkt.h new/ulogd-2.0.4/include/ulogd/printpkt.h
--- old/ulogd-2.0.3/include/ulogd/printpkt.h 2013-06-18 22:52:50.000000000 +0200
+++ new/ulogd-2.0.4/include/ulogd/printpkt.h 2014-03-23 16:30:50.000000000 +0100
@@ -3,7 +3,6 @@
enum pkt_keys {
KEY_OOB_FAMILY,
- KEY_OOB_TIME_SEC,
KEY_OOB_PREFIX,
KEY_OOB_IN,
KEY_OOB_OUT,
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/ulogd-2.0.3/include/ulogd/ulogd.h new/ulogd-2.0.4/include/ulogd/ulogd.h
--- old/ulogd-2.0.3/include/ulogd/ulogd.h 2013-06-18 22:52:50.000000000 +0200
+++ new/ulogd-2.0.4/include/ulogd/ulogd.h 2014-03-23 16:30:50.000000000 +0100
@@ -17,6 +17,7 @@
#include
#include /* need this because of extension-sighandler */
#include
+#include
#include
#include
@@ -97,6 +98,9 @@
u_int16_t field_id;
} ipfix;
+ /* Store field name for Common Information Model */
+ char *cim_name;
+
union {
/* and finally the returned value */
union {
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/ulogd-2.0.3/input/flow/ulogd_inpflow_NFCT.c new/ulogd-2.0.4/input/flow/ulogd_inpflow_NFCT.c
--- old/ulogd-2.0.3/input/flow/ulogd_inpflow_NFCT.c 2013-11-18 23:34:03.000000000 +0100
+++ new/ulogd-2.0.4/input/flow/ulogd_inpflow_NFCT.c 2014-03-23 16:30:50.000000000 +0100
@@ -621,7 +621,7 @@
propagate_ct(upi, upi, ct, type, ts);
}
-static void set_timestamp_from_ct(struct ct_timestamp *ts,
+static int set_timestamp_from_ct_try(struct ct_timestamp *ts,
struct nf_conntrack *ct, int name)
{
int attr_name;
@@ -636,7 +636,15 @@
nfct_get_attr_u64(ct, attr_name) / NSEC_PER_SEC;
ts->time[name].tv_usec =
(nfct_get_attr_u64(ct, attr_name) % NSEC_PER_SEC) / 1000;
- } else
+ return 1;
+ }
+ return 0;
+}
+
+static void set_timestamp_from_ct(struct ct_timestamp *ts,
+ struct nf_conntrack *ct, int name)
+{
+ if (!set_timestamp_from_ct_try(ts, ct, name))
gettimeofday(&ts->time[name], NULL);
}
@@ -732,8 +740,10 @@
break;
case NFCT_T_DESTROY:
set_timestamp_from_ct(&tmp, ct, STOP);
- tmp.time[START].tv_sec = 0;
- tmp.time[START].tv_usec = 0;
+ if (!set_timestamp_from_ct_try(&tmp, ct, START)) {
+ tmp.time[START].tv_sec = 0;
+ tmp.time[START].tv_usec = 0;
+ }
break;
default:
ulogd_log(ULOGD_NOTICE, "unsupported message type\n");
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/ulogd-2.0.3/m4/libtool.m4 new/ulogd-2.0.4/m4/libtool.m4
--- old/ulogd-2.0.3/m4/libtool.m4 2013-11-19 19:32:12.000000000 +0100
+++ new/ulogd-2.0.4/m4/libtool.m4 2014-03-23 16:39:29.000000000 +0100
@@ -1312,7 +1312,7 @@
rm -rf conftest*
;;
-x86_64-*kfreebsd*-gnu|x86_64-*linux*|ppc*-*linux*|powerpc*-*linux*| \
+x86_64-*kfreebsd*-gnu|x86_64-*linux*|powerpc*-*linux*| \
s390*-*linux*|s390*-*tpf*|sparc*-*linux*)
# Find out which ABI we are using.
echo 'int i;' > conftest.$ac_ext
@@ -1333,7 +1333,10 @@
;;
esac
;;
- ppc64-*linux*|powerpc64-*linux*)
+ powerpc64le-*)
+ LD="${LD-ld} -m elf32lppclinux"
+ ;;
+ powerpc64-*)
LD="${LD-ld} -m elf32ppclinux"
;;
s390x-*linux*)
@@ -1352,7 +1355,10 @@
x86_64-*linux*)
LD="${LD-ld} -m elf_x86_64"
;;
- ppc*-*linux*|powerpc*-*linux*)
+ powerpcle-*)
+ LD="${LD-ld} -m elf64lppc"
+ ;;
+ powerpc-*)
LD="${LD-ld} -m elf64ppc"
;;
s390*-*linux*|s390*-*tpf*)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/ulogd-2.0.3/output/Makefile.am new/ulogd-2.0.4/output/Makefile.am
--- old/ulogd-2.0.3/output/Makefile.am 2013-06-18 22:52:50.000000000 +0200
+++ new/ulogd-2.0.4/output/Makefile.am 2014-03-23 16:30:50.000000000 +0100
@@ -9,6 +9,10 @@
ulogd_output_NACCT.la ulogd_output_XML.la \
ulogd_output_GRAPHITE.la
+if HAVE_JANSSON
+pkglib_LTLIBRARIES += ulogd_output_JSON.la
+endif
+
ulogd_output_GPRINT_la_SOURCES = ulogd_output_GPRINT.c
ulogd_output_GPRINT_la_LDFLAGS = -avoid-version -module
@@ -32,3 +36,9 @@
ulogd_output_GRAPHITE_la_SOURCES = ulogd_output_GRAPHITE.c
ulogd_output_GRAPHITE_la_LDFLAGS = -avoid-version -module
+
+if HAVE_JANSSON
+ulogd_output_JSON_la_SOURCES = ulogd_output_JSON.c
+ulogd_output_JSON_la_LIBADD = ${libjansson_LIBS}
+ulogd_output_JSON_la_LDFLAGS = -avoid-version -module
+endif
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/ulogd-2.0.3/output/ulogd_output_JSON.c new/ulogd-2.0.4/output/ulogd_output_JSON.c
--- old/ulogd-2.0.3/output/ulogd_output_JSON.c 1970-01-01 01:00:00.000000000 +0100
+++ new/ulogd-2.0.4/output/ulogd_output_JSON.c 2014-03-23 16:30:50.000000000 +0100
@@ -0,0 +1,292 @@
+/* ulogd_output_JSON.c
+ *
+ * ulogd output target for logging to a file in JSON format.
+ *
+ * (C) 2014 by Eric Leblond
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+
+#ifndef ULOGD_JSON_DEFAULT
+#define ULOGD_JSON_DEFAULT "/var/log/ulogd.json"
+#endif
+
+#ifndef ULOGD_JSON_DEFAULT_DEVICE
+#define ULOGD_JSON_DEFAULT_DEVICE "Netfilter"
+#endif
+
+struct json_priv {
+ FILE *of;
+ int sec_idx;
+ int usec_idx;
+};
+
+enum json_conf {
+ JSON_CONF_FILENAME = 0,
+ JSON_CONF_SYNC,
+ JSON_CONF_TIMESTAMP,
+ JSON_CONF_DEVICE,
+ JSON_CONF_BOOLEAN_LABEL,
+ JSON_CONF_MAX
+};
+
+static struct config_keyset json_kset = {
+ .num_ces = JSON_CONF_MAX,
+ .ces = {
+ [JSON_CONF_FILENAME] = {
+ .key = "file",
+ .type = CONFIG_TYPE_STRING,
+ .options = CONFIG_OPT_NONE,
+ .u = {.string = ULOGD_JSON_DEFAULT },
+ },
+ [JSON_CONF_SYNC] = {
+ .key = "sync",
+ .type = CONFIG_TYPE_INT,
+ .options = CONFIG_OPT_NONE,
+ .u = { .value = 0 },
+ },
+ [JSON_CONF_TIMESTAMP] = {
+ .key = "timestamp",
+ .type = CONFIG_TYPE_INT,
+ .options = CONFIG_OPT_NONE,
+ .u = { .value = 1 },
+ },
+ [JSON_CONF_DEVICE] = {
+ .key = "device",
+ .type = CONFIG_TYPE_STRING,
+ .options = CONFIG_OPT_NONE,
+ .u = { .string = ULOGD_JSON_DEFAULT_DEVICE },
+ },
+ [JSON_CONF_BOOLEAN_LABEL] = {
+ .key = "boolean_label",
+ .type = CONFIG_TYPE_INT,
+ .options = CONFIG_OPT_NONE,
+ .u = { .value = 0 },
+ },
+ },
+};
+
+#define MAX_LOCAL_TIME_STRING 32
+
+static int json_interp(struct ulogd_pluginstance *upi)
+{
+ struct json_priv *opi = (struct json_priv *) &upi->private;
+ unsigned int i;
+ json_t *msg;
+
+ msg = json_object();
+ if (!msg) {
+ ulogd_log(ULOGD_ERROR, "Unable to create JSON object\n");
+ return ULOGD_IRET_ERR;
+ }
+
+ if (upi->config_kset->ces[JSON_CONF_TIMESTAMP].u.value != 0) {
+ time_t now;
+ char timestr[MAX_LOCAL_TIME_STRING];
+ struct tm *t;
+ struct tm result;
+ struct ulogd_key *inp = upi->input.keys;
+
+
+ if (pp_is_valid(inp, opi->sec_idx))
+ now = (time_t) ikey_get_u64(&inp[opi->sec_idx]);
+ else
+ now = time(NULL);
+ t = localtime_r(&now, &result);
+
+ if (pp_is_valid(inp, opi->usec_idx)) {
+ snprintf(timestr, MAX_LOCAL_TIME_STRING,
+ "%04d-%02d-%02dT%02d:%02d:%02d.%06u",
+ t->tm_year + 1900, t->tm_mon + 1,
+ t->tm_mday, t->tm_hour,
+ t->tm_min, t->tm_sec,
+ ikey_get_u32(&inp[opi->usec_idx]));
+ } else {
+ snprintf(timestr, MAX_LOCAL_TIME_STRING,
+ "%04d-%02d-%02dT%02d:%02d:%02d",
+ t->tm_year + 1900, t->tm_mon + 1,
+ t->tm_mday, t->tm_hour,
+ t->tm_min, t->tm_sec);
+ }
+
+ json_object_set_new(msg, "timestamp", json_string(timestr));
+ }
+
+ if (upi->config_kset->ces[JSON_CONF_DEVICE].u.string) {
+ char *dvc = upi->config_kset->ces[JSON_CONF_DEVICE].u.string;
+ json_object_set_new(msg, "dvc", json_string(dvc));
+ }
+
+
+
+ for (i = 0; i < upi->input.num_keys; i++) {
+ struct ulogd_key *key = upi->input.keys[i].u.source;
+ char *field_name;
+
+ if (!key)
+ continue;
+
+ if (!IS_VALID(*key))
+ continue;
+
+ field_name = key->cim_name ? key->cim_name : key->name;
+
+ switch (key->type) {
+ case ULOGD_RET_STRING:
+ json_object_set_new(msg, field_name, json_string(key->u.value.ptr));
+ break;
+ case ULOGD_RET_BOOL:
+ case ULOGD_RET_INT8:
+ case ULOGD_RET_INT16:
+ case ULOGD_RET_INT32:
+ json_object_set_new(msg, field_name, json_integer(key->u.value.i32));
+ break;
+ case ULOGD_RET_UINT8:
+ if ((upi->config_kset->ces[JSON_CONF_BOOLEAN_LABEL].u.value != 0)
+ && (!strcmp(key->name, "raw.label"))) {
+ if (key->u.value.ui8)
+ json_object_set_new(msg, "action", json_string("allowed"));
+ else
+ json_object_set_new(msg, "action", json_string("blocked"));
+ break;
+ }
+ case ULOGD_RET_UINT16:
+ case ULOGD_RET_UINT32:
+ case ULOGD_RET_UINT64:
+ json_object_set_new(msg, field_name, json_integer(key->u.value.ui64));
+ default:
+ /* don't know how to interpret this key. */
+ break;
+ }
+ }
+
+ json_dumpf(msg, opi->of, 0);
+ fprintf(opi->of, "\n");
+
+ json_decref(msg);
+
+ if (upi->config_kset->ces[JSON_CONF_SYNC].u.value != 0)
+ fflush(opi->of);
+
+ return ULOGD_IRET_OK;
+}
+
+static void sighup_handler_print(struct ulogd_pluginstance *upi, int signal)
+{
+ struct json_priv *oi = (struct json_priv *) &upi->private;
+ FILE *old = oi->of;
+
+ switch (signal) {
+ case SIGHUP:
+ ulogd_log(ULOGD_NOTICE, "JSON: reopening logfile\n");
+ oi->of = fopen(upi->config_kset->ces[0].u.string, "a");
+ if (!oi->of) {
+ ulogd_log(ULOGD_ERROR, "can't open JSON "
+ "log file: %s\n",
+ strerror(errno));
+ oi->of = old;
+ } else {
+ fclose(old);
+ }
+ break;
+ default:
+ break;
+ }
+}
+
+static int json_configure(struct ulogd_pluginstance *upi,
+ struct ulogd_pluginstance_stack *stack)
+{
+ int ret;
+
+ ret = ulogd_wildcard_inputkeys(upi);
+ if (ret < 0)
+ return ret;
+
+ ret = config_parse_file(upi->id, upi->config_kset);
+ if (ret < 0)
+ return ret;
+
+ return 0;
+}
+
+static int json_init(struct ulogd_pluginstance *upi)
+{
+ struct json_priv *op = (struct json_priv *) &upi->private;
+ unsigned int i;
+
+ op->of = fopen(upi->config_kset->ces[0].u.string, "a");
+ if (!op->of) {
+ ulogd_log(ULOGD_FATAL, "can't open JSON log file: %s\n",
+ strerror(errno));
+ return -1;
+ }
+
+ /* search for time */
+ op->sec_idx = -1;
+ op->usec_idx = -1;
+ for (i = 0; i < upi->input.num_keys; i++) {
+ struct ulogd_key *key = upi->input.keys[i].u.source;
+ if (!strcmp(key->name, "oob.time.sec"))
+ op->sec_idx = i;
+ else if (!strcmp(key->name, "oob.time.usec"))
+ op->usec_idx = i;
+ }
+
+ return 0;
+}
+
+static int json_fini(struct ulogd_pluginstance *pi)
+{
+ struct json_priv *op = (struct json_priv *) &pi->private;
+
+ if (op->of != stdout)
+ fclose(op->of);
+
+ return 0;
+}
+
+static struct ulogd_plugin json_plugin = {
+ .name = "JSON",
+ .input = {
+ .type = ULOGD_DTYPE_PACKET | ULOGD_DTYPE_FLOW | ULOGD_DTYPE_SUM,
+ },
+ .output = {
+ .type = ULOGD_DTYPE_SINK,
+ },
+ .configure = &json_configure,
+ .interp = &json_interp,
+ .start = &json_init,
+ .stop = &json_fini,
+ .signal = &sighup_handler_print,
+ .config_kset = &json_kset,
+ .version = VERSION,
+};
+
+void __attribute__ ((constructor)) init(void);
+
+void init(void)
+{
+ ulogd_register_plugin(&json_plugin);
+}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/ulogd-2.0.3/output/ulogd_output_NACCT.c new/ulogd-2.0.4/output/ulogd_output_NACCT.c
--- old/ulogd-2.0.3/output/ulogd_output_NACCT.c 2013-11-18 23:34:03.000000000 +0100
+++ new/ulogd-2.0.4/output/ulogd_output_NACCT.c 2014-03-23 16:30:50.000000000 +0100
@@ -127,7 +127,7 @@
'timestamp' value use 'flow.end.sec' */
if (ikey_get_u8(&inp[KEY_IP_PROTO]) == IPPROTO_ICMP) {
snprintf(buf, sizeof(buf),
- "%u\t%u\t%s\t%u\t%s\t%u\t%llu\t%llu",
+ "%u\t%u\t%s\t%u\t%s\t%u\t%" PRIu64 "\t%" PRIu64,
ikey_get_u32(&inp[KEY_FLOW_END]),
ikey_get_u8(&inp[KEY_IP_PROTO]),
(char *) ikey_get_ptr(&inp[KEY_IP_SADDR]),
@@ -138,7 +138,7 @@
ikey_get_u64(&inp[KEY_RAW_PKTLEN]));
} else {
snprintf(buf, sizeof(buf),
- "%u\t%u\t%s\t%u\t%s\t%u\t%llu\t%llu",
+ "%u\t%u\t%s\t%u\t%s\t%u\t%" PRIu64 "\t%" PRIu64,
ikey_get_u32(&inp[KEY_FLOW_END]),
ikey_get_u8(&inp[KEY_IP_PROTO]),
(char *) ikey_get_ptr(&inp[KEY_IP_SADDR]),
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/ulogd-2.0.3/src/Makefile.am new/ulogd-2.0.4/src/Makefile.am
--- old/ulogd-2.0.3/src/Makefile.am 2013-06-18 22:52:50.000000000 +0200
+++ new/ulogd-2.0.4/src/Makefile.am 2014-03-23 16:30:50.000000000 +0100
@@ -7,5 +7,5 @@
sbin_PROGRAMS = ulogd
ulogd_SOURCES = ulogd.c select.c timer.c rbtree.c conffile.c hash.c addr.c
-ulogd_LDADD = ${libdl_LIBS}
-ulogd_LDFLAGS = -export-dynamic -lpthread
+ulogd_LDADD = ${libdl_LIBS} ${libpthread_LIBS}
+ulogd_LDFLAGS = -export-dynamic
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/ulogd-2.0.3/src/conffile.c new/ulogd-2.0.4/src/conffile.c
--- old/ulogd-2.0.3/src/conffile.c 2013-06-18 22:52:50.000000000 +0200
+++ new/ulogd-2.0.4/src/conffile.c 2014-03-23 16:30:50.000000000 +0100
@@ -146,7 +146,7 @@
return -ERRTOOLONG;
}
- if (!(wordend = get_word(line, " \t\n[]", (char *) wordbuf)))
+ if (!(wordend = get_word(line, " \t\n\r[]", (char *) wordbuf)))
continue;
pr_debug("word: \"%s\"\n", wordbuf);
if (!strcmp(wordbuf, section)) {
@@ -178,7 +178,7 @@
return -ERRTOOLONG;
}
- if (!(wordend = get_word(line, " =\t\n", (char *) &wordbuf)))
+ if (!(wordend = get_word(line, " =\t\n\r", (char *) &wordbuf)))
continue;
if (wordbuf[0] == '[' ) {
@@ -195,7 +195,7 @@
continue;
}
- wordend = get_word(wordend, " =\t\n", (char *) &wordbuf);
+ wordend = get_word(wordend, " =\t\n\r", (char *) &wordbuf);
args = (char *)&wordbuf;
if (ce->hit && !(ce->options & CONFIG_OPT_MULTI))
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/ulogd-2.0.3/src/ulogd.c new/ulogd-2.0.4/src/ulogd.c
--- old/ulogd-2.0.3/src/ulogd.c 2013-11-18 23:34:03.000000000 +0100
+++ new/ulogd-2.0.4/src/ulogd.c 2014-03-23 16:30:50.000000000 +0100
@@ -442,7 +442,7 @@
timestr = ctime(&tm);
timestr[strlen(timestr)-1] = '\0';
fprintf(outfd, "%s <%1.1d> %s:%d ", timestr, level, file, line);
- if (verbose)
+ if (verbose && outfd != stderr)
fprintf(stderr, "%s <%1.1d> %s:%d ", timestr, level, file, line);
@@ -452,7 +452,7 @@
/* flush glibc's buffer */
fflush(outfd);
- if (verbose) {
+ if (verbose && outfd != stderr) {
va_start(ap, format);
vfprintf(stderr, format, ap);
va_end(ap);
@@ -1383,9 +1383,10 @@
}
/* command line has precedence on config file */
- if (loglevel)
+ if (loglevel) {
loglevel_ce.u.value = loglevel;
loglevel_ce.flag |= CONFIG_FLAG_VAL_PROTECTED;
+ }
if (ulogd_pidfile) {
if (create_pidfile() < 0)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/ulogd-2.0.3/ulogd.conf.in new/ulogd-2.0.4/ulogd.conf.in
--- old/ulogd-2.0.3/ulogd.conf.in 2013-11-18 23:34:03.000000000 +0100
+++ new/ulogd-2.0.4/ulogd.conf.in 2014-03-23 16:30:50.000000000 +0100
@@ -49,6 +49,7 @@
plugin="@pkglibdir@/ulogd_raw2packet_BASE.so"
plugin="@pkglibdir@/ulogd_inpflow_NFACCT.so"
plugin="@pkglibdir@/ulogd_output_GRAPHITE.so"
+#plugin="@pkglibdir@/ulogd_output_JSON.so"
# this is a stack for logging packet send by system via LOGEMU
#stack=log1:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
@@ -92,6 +93,9 @@
# this is a stack for logging packet to PGsql after a collect via NFLOG
#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,mac2str1:HWHDR,pgsql1:PGSQL
+# this is a stack for logging packet to JSON formatted file after a collect via NFLOG
+#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,mac2str1:HWHDR,json1:JSON
+
# this is a stack for logging packets to syslog after a collect via NFLOG
#stack=log3:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,sys1:SYSLOG
@@ -195,6 +199,17 @@
directory="/var/log/"
sync=1
+[json1]
+sync=1
+#file="/var/log/ulogd.json"
+#timestamp=0
+# device name to be used in JSON message
+#device="My awesome Netfilter firewall"
+# If boolean_label is set to 1 then the numeric_label put on packet
+# by the input plugin is coding the action on packet: if 0, then
+# packet has been blocked and if non null it has been accepted.
+#boolean_label=1
+
[pcap1]
#default file is /var/log/ulogd.pcap
#file="/var/log/ulogd.pcap"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/ulogd-2.0.3/util/db.c new/ulogd-2.0.4/util/db.c
--- old/ulogd-2.0.3/util/db.c 2013-06-18 22:52:50.000000000 +0200
+++ new/ulogd-2.0.4/util/db.c 2014-03-23 16:30:50.000000000 +0100
@@ -590,7 +590,8 @@
"permanently disabling plugin\n");
di->interp = &disabled_interp_db;
return NULL;
- }
+ } else /* try to re run query */
+ continue;
}
*wr_place = RING_NO_QUERY;
di->ring.rd_item++;
@@ -619,6 +620,23 @@
ulogd_log(ULOGD_ERROR,
"No SIGHUP handling if ring buffer is used\n");
break;
+ case SIGTERM:
+ case SIGINT:
+ if (di->ring.size) {
+ int s = pthread_cancel(di->db_thread_id);
+ if (s != 0) {
+ ulogd_log(ULOGD_ERROR,
+ "Can't cancel injection thread\n");
+ break;
+ }
+ s = pthread_join(di->db_thread_id, NULL);
+ if (s != 0) {
+ ulogd_log(ULOGD_ERROR,
+ "Error waiting for injection thread"
+ "cancelation\n");
+ }
+ }
+ break;
default:
break;
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/ulogd-2.0.3/util/printflow.c new/ulogd-2.0.4/util/printflow.c
--- old/ulogd-2.0.3/util/printflow.c 2013-11-18 23:34:03.000000000 +0100
+++ new/ulogd-2.0.4/util/printflow.c 2014-03-23 16:30:50.000000000 +0100
@@ -135,9 +135,10 @@
};
int printflow_keys_num = sizeof(printflow_keys)/sizeof(*printflow_keys);
-#define pp_print(buf_cur, label, res, x, type) \
+#define pp_pri(type) PRI##type
+#define pp_print_u(buf_cur, label, res, x, type) \
if (pp_is_valid(res, x)) \
- buf_cur += sprintf(buf_cur, label"=%u ", ikey_get_##type(&res[x]));
+ buf_cur += sprintf(buf_cur, label"=%" pp_pri(type) " ", ikey_get_##type(&res[x]));
int printflow_print(struct ulogd_key *res, char *buf)
{
@@ -175,20 +176,20 @@
switch (ikey_get_u8(&res[PRINTFLOW_ORIG_IP_PROTOCOL])) {
case IPPROTO_TCP:
buf_cur += sprintf(buf_cur, "PROTO=TCP ");
- pp_print(buf_cur, "SPT", res, PRINTFLOW_ORIG_L4_SPORT, u16);
- pp_print(buf_cur, "DPT", res, PRINTFLOW_ORIG_L4_DPORT, u16);
+ pp_print_u(buf_cur, "SPT", res, PRINTFLOW_ORIG_L4_SPORT, u16);
+ pp_print_u(buf_cur, "DPT", res, PRINTFLOW_ORIG_L4_DPORT, u16);
break;
case IPPROTO_UDP:
buf_cur += sprintf(buf_cur, "PROTO=UDP ");
- pp_print(buf_cur, "SPT", res, PRINTFLOW_ORIG_L4_SPORT, u16);
- pp_print(buf_cur, "DPT", res, PRINTFLOW_ORIG_L4_DPORT, u16);
+ pp_print_u(buf_cur, "SPT", res, PRINTFLOW_ORIG_L4_SPORT, u16);
+ pp_print_u(buf_cur, "DPT", res, PRINTFLOW_ORIG_L4_DPORT, u16);
break;
case IPPROTO_ICMP:
buf_cur += sprintf(buf_cur, "PROTO=ICMP ");
- pp_print(buf_cur, "TYPE", res, PRINTFLOW_ICMP_CODE, u8);
- pp_print(buf_cur, "CODE", res, PRINTFLOW_ICMP_TYPE, u8);
+ pp_print_u(buf_cur, "TYPE", res, PRINTFLOW_ICMP_CODE, u8);
+ pp_print_u(buf_cur, "CODE", res, PRINTFLOW_ICMP_TYPE, u8);
break;
case IPPROTO_ESP:
@@ -200,13 +201,13 @@
break;
default:
- pp_print(buf_cur, "PROTO", res, PRINTFLOW_ORIG_IP_PROTOCOL, u8);
+ pp_print_u(buf_cur, "PROTO", res, PRINTFLOW_ORIG_IP_PROTOCOL, u8);
break;
}
orig_out:
- pp_print(buf_cur, "PKTS", res, PRINTFLOW_ORIG_RAW_PKTCOUNT, u64);
- pp_print(buf_cur, "BYTES", res, PRINTFLOW_ORIG_RAW_PKTLEN, u64);
+ pp_print_u(buf_cur, "PKTS", res, PRINTFLOW_ORIG_RAW_PKTCOUNT, u64);
+ pp_print_u(buf_cur, "BYTES", res, PRINTFLOW_ORIG_RAW_PKTLEN, u64);
buf_cur += sprintf(buf_cur, ", REPLY: ");
@@ -226,20 +227,20 @@
switch (ikey_get_u8(&res[PRINTFLOW_REPLY_IP_PROTOCOL])) {
case IPPROTO_TCP:
buf_cur += sprintf(buf_cur, "PROTO=TCP ");
- pp_print(buf_cur, "SPT", res, PRINTFLOW_REPLY_L4_SPORT, u16);
- pp_print(buf_cur, "DPT", res, PRINTFLOW_REPLY_L4_DPORT, u16);
+ pp_print_u(buf_cur, "SPT", res, PRINTFLOW_REPLY_L4_SPORT, u16);
+ pp_print_u(buf_cur, "DPT", res, PRINTFLOW_REPLY_L4_DPORT, u16);
break;
case IPPROTO_UDP:
buf_cur += sprintf(buf_cur, "PROTO=UDP ");
- pp_print(buf_cur, "SPT", res, PRINTFLOW_REPLY_L4_SPORT, u16);
- pp_print(buf_cur, "DPT", res, PRINTFLOW_REPLY_L4_DPORT, u16);
+ pp_print_u(buf_cur, "SPT", res, PRINTFLOW_REPLY_L4_SPORT, u16);
+ pp_print_u(buf_cur, "DPT", res, PRINTFLOW_REPLY_L4_DPORT, u16);
break;
case IPPROTO_ICMP:
buf_cur += sprintf(buf_cur, "PROTO=ICMP ");
- pp_print(buf_cur, "TYPE", res, PRINTFLOW_ICMP_CODE, u8);
- pp_print(buf_cur, "CODE", res, PRINTFLOW_ICMP_TYPE, u8);
+ pp_print_u(buf_cur, "TYPE", res, PRINTFLOW_ICMP_CODE, u8);
+ pp_print_u(buf_cur, "CODE", res, PRINTFLOW_ICMP_TYPE, u8);
break;
case IPPROTO_ESP:
@@ -251,13 +252,13 @@
break;
default:
- pp_print(buf_cur, "PROTO", res, PRINTFLOW_REPLY_IP_PROTOCOL, u8);
+ pp_print_u(buf_cur, "PROTO", res, PRINTFLOW_REPLY_IP_PROTOCOL, u8);
break;
}
reply_out:
- pp_print(buf_cur, "PKTS", res, PRINTFLOW_REPLY_RAW_PKTCOUNT, u64);
- pp_print(buf_cur, "BYTES", res, PRINTFLOW_REPLY_RAW_PKTLEN, u64);
+ pp_print_u(buf_cur, "PKTS", res, PRINTFLOW_REPLY_RAW_PKTCOUNT, u64);
+ pp_print_u(buf_cur, "BYTES", res, PRINTFLOW_REPLY_RAW_PKTLEN, u64);
strcat(buf_cur, "\n");
return 0;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/ulogd-2.0.3/util/printpkt.c new/ulogd-2.0.4/util/printpkt.c
--- old/ulogd-2.0.3/util/printpkt.c 2013-06-18 22:52:50.000000000 +0200
+++ new/ulogd-2.0.4/util/printpkt.c 2014-03-23 16:30:50.000000000 +0100
@@ -39,7 +39,6 @@
struct ulogd_key printpkt_keys[] = {
[KEY_OOB_FAMILY] = { .name = "oob.family", },
[KEY_OOB_PROTOCOL] = { .name = "oob.protocol", },
- [KEY_OOB_TIME_SEC] = { .name = "oob.time.sec", },
[KEY_OOB_PREFIX] = { .name = "oob.prefix", },
[KEY_OOB_IN] = { .name = "oob.in", },
[KEY_OOB_OUT] = { .name = "oob.out", },
++++++ ulogd-conf.diff ++++++
--- /var/tmp/diff_new_pack.gOnGYj/_old 2014-04-26 10:12:02.000000000 +0200
+++ /var/tmp/diff_new_pack.gOnGYj/_new 2014-04-26 10:12:02.000000000 +0200
@@ -1,11 +1,11 @@
---
- ulogd.conf.in | 27 ++++++++++-----------------
- 1 file changed, 10 insertions(+), 17 deletions(-)
+ ulogd.conf.in | 29 +++++++++++------------------
+ 1 file changed, 11 insertions(+), 18 deletions(-)
-Index: ulogd-2.0.3/ulogd.conf.in
+Index: ulogd-2.0.4/ulogd.conf.in
===================================================================
---- ulogd-2.0.3.orig/ulogd.conf.in
-+++ ulogd-2.0.3/ulogd.conf.in
+--- ulogd-2.0.4.orig/ulogd.conf.in
++++ ulogd-2.0.4/ulogd.conf.in
@@ -6,9 +6,10 @@
# GLOBAL OPTIONS
######################################################################
@@ -18,7 +18,7 @@
# loglevel: debug(1), info(3), notice(5), error(7) or fatal(8) (default 5)
# loglevel=1
-@@ -56,9 +57,6 @@ plugin="@pkglibdir@/ulogd_output_GRAPHIT
+@@ -57,9 +58,6 @@ plugin="@pkglibdir@/ulogd_output_GRAPHIT
# this is a stack for packet-based logging via LOGEMU
#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
@@ -28,7 +28,7 @@
# this is a stack for packet-based logging via LOGEMU with filtering on MARK
#stack=log2:NFLOG,mark1:MARK,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
-@@ -170,34 +168,29 @@ numeric_label=1 # you can label the log
+@@ -174,34 +172,29 @@ numeric_label=1 # you can label the log
#netlink_socket_buffer_maxsize=1085440
#bind=1
@@ -61,6 +61,15 @@
+directory="/var/log/ulogd/"
sync=1
+ [json1]
+ sync=1
+-#file="/var/log/ulogd.json"
++#file="/var/log/ulogd/ulogd.json"
+ #timestamp=0
+ # device name to be used in JSON message
+ #device="My awesome Netfilter firewall"
+@@ -212,7 +205,7 @@ sync=1
+
[pcap1]
#default file is /var/log/ulogd.pcap
-#file="/var/log/ulogd.pcap"
@@ -68,7 +77,7 @@
sync=1
[mysql1]
-@@ -282,12 +275,12 @@ procedure="INSERT_PACKET_FULL"
+@@ -297,12 +290,12 @@ procedure="INSERT_PACKET_FULL"
[sqlite3_ct]
table="ulog_ct"
@@ -83,7 +92,7 @@
buffer=200
[sys2]
-@@ -295,7 +288,7 @@ facility=LOG_LOCAL2
+@@ -310,7 +303,7 @@ facility=LOG_LOCAL2
[nacct1]
sync = 1
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-commit+help@opensuse.org