maybe chmod 0755 'config-archive/etc/init.d/ulogd,v'
maybe chmod 0644 'config-archive/etc/inittab'
maybe chmod 0644 'config-archive/etc/inittab,v'
+maybe chmod 0644 'config-archive/etc/inittab.1'
maybe chmod 0644 'config-archive/etc/inittab.dist'
maybe chmod 0644 'config-archive/etc/inputrc,v'
maybe chmod 0644 'config-archive/etc/krb5.conf.example,v'
maybe chmod 0644 'config-archive/etc/ulogd.conf,v'
maybe chmod 0640 'config-archive/etc/ulogd.conf.1'
maybe chmod 0640 'config-archive/etc/ulogd.conf.2'
+maybe chmod 0640 'config-archive/etc/ulogd.conf.3'
maybe chmod 0640 'config-archive/etc/ulogd.conf.dist'
maybe chmod 0644 'config-archive/etc/updatedb.conf,v'
maybe chmod 0755 'config-archive/usr'
# Modified by: Mike Frysinger, <vapier@gentoo.org>
# Modified by: Robin H. Johnson, <robbat2@gentoo.org>
#
-# $Header: /var/cvsroot/gentoo-x86/sys-apps/sysvinit/files/inittab-2.87,v 1.1 2010/01/08 16:55:07 williamh Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-apps/sysvinit/files/inittab-2.87,v 1.2 2013/04/20 03:51:26 vapier Exp $
# Default runlevel.
id:3:initdefault:
c6:2345:respawn:/sbin/agetty 38400 tty6 linux
# SERIAL CONSOLES
-#s0:12345:respawn:/sbin/agetty 115200 ttyS0 vt100
-#s1:12345:respawn:/sbin/agetty 115200 ttyS1 vt100
+#s0:12345:respawn:/sbin/agetty -L 115200 ttyS0 vt100
+#s1:12345:respawn:/sbin/agetty -L 115200 ttyS1 vt100
s0:12345:respawn:/sbin/agetty -L ttyS0 57600 vt100
# What to do at the "Three Finger Salute".
# extra at boot if /etc/init.d/xdm is not added
# to the "default" runlevel.
x:a:once:/etc/X11/startDM.sh
-
--- /dev/null
+#
+# /etc/inittab: This file describes how the INIT process should set up
+# the system in a certain run-level.
+#
+# Author: Miquel van Smoorenburg, <miquels@cistron.nl>
+# Modified by: Patrick J. Volkerding, <volkerdi@ftp.cdrom.com>
+# Modified by: Daniel Robbins, <drobbins@gentoo.org>
+# Modified by: Martin Schlemmer, <azarah@gentoo.org>
+# Modified by: Mike Frysinger, <vapier@gentoo.org>
+# Modified by: Robin H. Johnson, <robbat2@gentoo.org>
+#
+# $Header: /var/cvsroot/gentoo-x86/sys-apps/sysvinit/files/inittab-2.87,v 1.1 2010/01/08 16:55:07 williamh Exp $
+
+# Default runlevel.
+id:3:initdefault:
+
+# System initialization, mount local filesystems, etc.
+si::sysinit:/sbin/rc sysinit
+
+# Further system initialization, brings up the boot runlevel.
+rc::bootwait:/sbin/rc boot
+
+l0:0:wait:/sbin/rc shutdown
+l0s:0:wait:/sbin/halt -dhp
+l1:1:wait:/sbin/rc single
+l2:2:wait:/sbin/rc nonetwork
+l3:3:wait:/sbin/rc default
+l4:4:wait:/sbin/rc default
+l5:5:wait:/sbin/rc default
+l6:6:wait:/sbin/rc reboot
+l6r:6:wait:/sbin/reboot -dk
+#z6:6:respawn:/sbin/sulogin
+
+# new-style single-user
+su0:S:wait:/sbin/rc single
+su1:S:wait:/sbin/sulogin
+
+# TERMINALS
+c1:12345:respawn:/sbin/agetty --noclear 38400 tty1 linux
+c2:2345:respawn:/sbin/agetty 38400 tty2 linux
+c3:2345:respawn:/sbin/agetty 38400 tty3 linux
+c4:2345:respawn:/sbin/agetty 38400 tty4 linux
+c5:2345:respawn:/sbin/agetty 38400 tty5 linux
+c6:2345:respawn:/sbin/agetty 38400 tty6 linux
+
+# SERIAL CONSOLES
+#s0:12345:respawn:/sbin/agetty 115200 ttyS0 vt100
+#s1:12345:respawn:/sbin/agetty 115200 ttyS1 vt100
+s0:12345:respawn:/sbin/agetty -L ttyS0 57600 vt100
+
+# What to do at the "Three Finger Salute".
+ca:12345:ctrlaltdel:/sbin/shutdown -r now
+
+# Used by /etc/init.d/xdm to control DM startup.
+# Read the comments in /etc/init.d/xdm for more
+# info. Do NOT remove, as this will start nothing
+# extra at boot if /etc/init.d/xdm is not added
+# to the "default" runlevel.
+x:a:once:/etc/X11/startDM.sh
+
# Modified by: Martin Schlemmer, <azarah@gentoo.org>
# Modified by: Mike Frysinger, <vapier@gentoo.org>
# Modified by: Robin H. Johnson, <robbat2@gentoo.org>
+# Modified by: William Hubbs, <williamh@gentoo.org>
#
-# $Header: /var/cvsroot/gentoo-x86/sys-apps/sysvinit/files/inittab-2.87,v 1.2 2013/04/20 03:51:26 vapier Exp $
+# $Id$
# Default runlevel.
id:3:initdefault:
# System initialization, mount local filesystems, etc.
-si::sysinit:/sbin/rc sysinit
+si::sysinit:/sbin/openrc sysinit
# Further system initialization, brings up the boot runlevel.
-rc::bootwait:/sbin/rc boot
-
-l0:0:wait:/sbin/rc shutdown
-l0s:0:wait:/sbin/halt -dhp
-l1:1:wait:/sbin/rc single
-l2:2:wait:/sbin/rc nonetwork
-l3:3:wait:/sbin/rc default
-l4:4:wait:/sbin/rc default
-l5:5:wait:/sbin/rc default
-l6:6:wait:/sbin/rc reboot
-l6r:6:wait:/sbin/reboot -dk
+rc::bootwait:/sbin/openrc boot
+
+l0:0:wait:/sbin/openrc shutdown
+l0s:0:wait:/sbin/halt -dhnp
+l1:1:wait:/sbin/openrc single
+l2:2:wait:/sbin/openrc nonetwork
+l3:3:wait:/sbin/openrc default
+l4:4:wait:/sbin/openrc default
+l5:5:wait:/sbin/openrc default
+l6:6:wait:/sbin/openrc reboot
+l6r:6:wait:/sbin/reboot -dkn
#z6:6:respawn:/sbin/sulogin
# new-style single-user
-su0:S:wait:/sbin/rc single
+su0:S:wait:/sbin/openrc single
su1:S:wait:/sbin/sulogin
# TERMINALS
+#x1:12345:respawn:/sbin/agetty 38400 console linux
c1:12345:respawn:/sbin/agetty 38400 tty1 linux
c2:2345:respawn:/sbin/agetty 38400 tty2 linux
c3:2345:respawn:/sbin/agetty 38400 tty3 linux
# html_directory: The location of the Postfix HTML documentation.
#
-html_directory = /usr/share/doc/postfix-3.0.2/html
+html_directory = /usr/share/doc/postfix-3.0.3-r1/html
# manpage_directory: The location of the Postfix on-line manual pages.
#
# readme_directory: The location of the Postfix README files.
#
-readme_directory = /usr/share/doc/postfix-3.0.2/readme
+readme_directory = /usr/share/doc/postfix-3.0.3-r1/readme
+#inet_protocols = ipv4
meta_directory = /etc/postfix
shlib_directory = /usr/lib64/postfix/${mail_version}
home_mailbox = .maildir/
mydestination = $myhostname, $mydomain, hash:/etc/postfix/maps/mydomains
mydomain = brehm-online.com
myhostname = helga.brehm-online.com
-mynetworks = 127.0.0.0/8 85.214.134.152/32 85.214.109.1/32 [::1]/128 [2a01:238:4225:6e00:8f8c:808a:7fb8:88df]/128
+mynetworks = 127.0.0.0/8 85.214.134.152/32 [::1]/128 [2a01:238:4225:6e00:8f8c:808a:7fb8:88df]/128 138.201.28.135/32 [2a01:4f8:171:3006::2]/128
mynetworks_style = host
myorigin = $mydomain
#recipient_bcc_maps = mysql:/etc/postfix/mysql-recipient_bcc.cf
# html_directory: The location of the Postfix HTML documentation.
#
-html_directory = /usr/share/doc/postfix-3.0.1-r1/html
+html_directory = /usr/share/doc/postfix-3.0.2/html
# manpage_directory: The location of the Postfix on-line manual pages.
#
# readme_directory: The location of the Postfix README files.
#
-readme_directory = /usr/share/doc/postfix-3.0.1-r1/readme
+readme_directory = /usr/share/doc/postfix-3.0.2/readme
+
meta_directory = /etc/postfix
shlib_directory = /usr/lib64/postfix/${mail_version}
home_mailbox = .maildir/
# html_directory: The location of the Postfix HTML documentation.
#
-html_directory = /usr/share/doc/postfix-3.0.0/html
+html_directory = /usr/share/doc/postfix-3.0.1-r1/html
# manpage_directory: The location of the Postfix on-line manual pages.
#
# readme_directory: The location of the Postfix README files.
#
-readme_directory = /usr/share/doc/postfix-3.0.0/readme
+readme_directory = /usr/share/doc/postfix-3.0.1-r1/readme
meta_directory = /etc/postfix
shlib_directory = /usr/lib64/postfix/${mail_version}
home_mailbox = .maildir/
# For best results, change no more than 2-3 parameters at a time,
# and test if Postfix still works after every change.
+# COMPATIBILITY
+#
+# The compatibility_level determines what default settings Postfix
+# will use for main.cf and master.cf settings. These defaults will
+# change over time.
+#
+# To avoid breaking things, Postfix will use backwards-compatible
+# default settings and log where it uses those old backwards-compatible
+# default settings, until the system administrator has determined
+# if any backwards-compatible default settings need to be made
+# permanent in main.cf or master.cf.
+#
+# When this review is complete, update the compatibility_level setting
+# below as recommended in the RELEASE_NOTES file.
+#
+# The level below is what should be used with new (not upgrade) installs.
+#
+#compatibility_level = 2
+compatibility_level = 2
+
# SOFT BOUNCE
#
# The soft_bounce parameter provides a limited safety net for
# html_directory: The location of the Postfix HTML documentation.
#
-html_directory = /usr/share/doc/postfix-2.11.3/html
+html_directory = /usr/share/doc/postfix-3.0.0/html
# manpage_directory: The location of the Postfix on-line manual pages.
#
# readme_directory: The location of the Postfix README files.
#
-readme_directory = /usr/share/doc/postfix-2.11.3/readme
+readme_directory = /usr/share/doc/postfix-3.0.0/readme
+meta_directory = /etc/postfix
+shlib_directory = /usr/lib64/postfix/${mail_version}
home_mailbox = .maildir/
#alias_maps = mysql:/etc/postfix/mysql-aliases.cf
alias_maps = hash:/etc/postfix/maps/aliases
#virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-maps.cf
virtual_mailbox_maps = hash:/etc/postfix/maps/virtual_mailbox_maps
virtual_uid_maps = static:1023
+append_dot_mydomain = yes
+# smtputf8_enable = yes
+smtputf8_enable = no
# For common configuration examples, see BASIC_CONFIGURATION_README
# and STANDARD_CONFIGURATION_README. To find these documents, use
# the command "postconf html_directory readme_directory", or go to
-# http://www.postfix.org/.
+# http://www.postfix.org/BASIC_CONFIGURATION_README.html etc.
#
# For best results, change no more than 2-3 parameters at a time,
# and test if Postfix still works after every change.
# html_directory: The location of the Postfix HTML documentation.
#
-html_directory = /usr/share/doc/postfix-2.10.3/html
+html_directory = /usr/share/doc/postfix-2.11.3/html
# manpage_directory: The location of the Postfix on-line manual pages.
#
# readme_directory: The location of the Postfix README files.
#
-readme_directory = /usr/share/doc/postfix-2.10.3/readme
+readme_directory = /usr/share/doc/postfix-2.11.3/readme
home_mailbox = .maildir/
#alias_maps = mysql:/etc/postfix/mysql-aliases.cf
alias_maps = hash:/etc/postfix/maps/aliases
# html_directory: The location of the Postfix HTML documentation.
#
-html_directory = /usr/share/doc/postfix-2.10.2/html
+html_directory = /usr/share/doc/postfix-2.10.3/html
# manpage_directory: The location of the Postfix on-line manual pages.
#
# readme_directory: The location of the Postfix README files.
#
-readme_directory = /usr/share/doc/postfix-2.10.2/readme
+readme_directory = /usr/share/doc/postfix-2.10.3/readme
home_mailbox = .maildir/
#alias_maps = mysql:/etc/postfix/mysql-aliases.cf
alias_maps = hash:/etc/postfix/maps/aliases
# html_directory: The location of the Postfix HTML documentation.
#
-html_directory = /usr/share/doc/postfix-2.10.1/html
+html_directory = /usr/share/doc/postfix-2.10.2/html
# manpage_directory: The location of the Postfix on-line manual pages.
#
# readme_directory: The location of the Postfix README files.
#
-readme_directory = /usr/share/doc/postfix-2.10.1/readme
+readme_directory = /usr/share/doc/postfix-2.10.2/readme
home_mailbox = .maildir/
#alias_maps = mysql:/etc/postfix/mysql-aliases.cf
alias_maps = hash:/etc/postfix/maps/aliases
# html_directory: The location of the Postfix HTML documentation.
#
-html_directory = /usr/share/doc/postfix-2.10.0/html
+html_directory = /usr/share/doc/postfix-2.10.1/html
# manpage_directory: The location of the Postfix on-line manual pages.
#
# readme_directory: The location of the Postfix README files.
#
-readme_directory = /usr/share/doc/postfix-2.10.0/readme
+readme_directory = /usr/share/doc/postfix-2.10.1/readme
home_mailbox = .maildir/
#alias_maps = mysql:/etc/postfix/mysql-aliases.cf
alias_maps = hash:/etc/postfix/maps/aliases
# html_directory: The location of the Postfix HTML documentation.
#
-html_directory = /usr/share/doc/postfix-2.9.5/html
+html_directory = /usr/share/doc/postfix-2.10.0/html
# manpage_directory: The location of the Postfix on-line manual pages.
#
# readme_directory: The location of the Postfix README files.
#
-readme_directory = /usr/share/doc/postfix-2.9.5/readme
+readme_directory = /usr/share/doc/postfix-2.10.0/readme
home_mailbox = .maildir/
#alias_maps = mysql:/etc/postfix/mysql-aliases.cf
alias_maps = hash:/etc/postfix/maps/aliases
# html_directory: The location of the Postfix HTML documentation.
#
-html_directory = /usr/share/doc/postfix-2.9.4/html
+html_directory = /usr/share/doc/postfix-2.9.5/html
# manpage_directory: The location of the Postfix on-line manual pages.
#
# readme_directory: The location of the Postfix README files.
#
-readme_directory = /usr/share/doc/postfix-2.9.4/readme
+readme_directory = /usr/share/doc/postfix-2.9.5/readme
home_mailbox = .maildir/
#alias_maps = mysql:/etc/postfix/mysql-aliases.cf
alias_maps = hash:/etc/postfix/maps/aliases
# compatible delivery agent that lookups all recipients in /etc/passwd
# and /etc/aliases or their equivalent.
#
-# The default is $myhostname + localhost.$mydomain. On a mail domain
-# gateway, you should also include $mydomain.
+# The default is $myhostname + localhost.$mydomain + localhost. On
+# a mail domain gateway, you should also include $mydomain.
#
# Do not specify the names of virtual domains - those domains are
# specified elsewhere (see VIRTUAL_README).
# html_directory: The location of the Postfix HTML documentation.
#
-html_directory = /usr/share/doc/postfix-3.0.3-r1/html
+html_directory = /usr/share/doc/postfix-3.1.0/html
# manpage_directory: The location of the Postfix on-line manual pages.
#
# readme_directory: The location of the Postfix README files.
#
-readme_directory = /usr/share/doc/postfix-3.0.3-r1/readme
+readme_directory = /usr/share/doc/postfix-3.1.0/readme
inet_protocols = ipv4
meta_directory = /etc/postfix
shlib_directory = /usr/lib64/postfix/${mail_version}
plugin="/usr/lib64/ulogd/ulogd_raw2packet_BASE.so"
plugin="/usr/lib64/ulogd/ulogd_inpflow_NFACCT.so"
plugin="/usr/lib64/ulogd/ulogd_output_GRAPHITE.so"
+#plugin="/usr/lib64/ulogd/ulogd_output_JSON.so"
# this is a stack for logging packet send by system via LOGEMU
stack=log1:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
# this is a stack for logging packet to PGsql after a collect via NFLOG
#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,mac2str1:HWHDR,pgsql1:PGSQL
+# this is a stack for logging packet to JSON formatted file after a collect via NFLOG
+#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,mac2str1:HWHDR,json1:JSON
+
# this is a stack for logging packets to syslog after a collect via NFLOG
#stack=log3:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,sys1:SYSLOG
directory="/var/log/ulogd/"
sync=1
+[json1]
+sync=1
+#file="/var/log/ulogd/ulogd.json"
+#timestamp=0
+# device name to be used in JSON message
+#device="My awesome Netfilter firewall"
+# If boolean_label is set to 1 then the numeric_label put on packet
+# by the input plugin is coding the action on packet: if 0, then
+# packet has been blocked and if non null it has been accepted.
+#boolean_label=1
+
[pcap1]
#default file is /var/log/ulogd/ulogd.pcap
#file="/var/log/ulogd/ulogd.pcap"
# Example configuration for ulogd
-# $Id: ulogd.conf,v 1.3 2010/10/12 07:51:44 root Exp $
# Adapted to Debian by Achilleas Kotsis <achille@debian.gr>
[global]
[pcap1]
#default file is /var/log/ulogd/ulogd.pcap
-#file=/var/log/ulogd/ulogd.pcap
+#file="/var/log/ulogd/ulogd.pcap"
sync=1
[mysql1]
table="ulog"
pass="changeme"
procedure="INSERT_PACKET_FULL"
+# backlog configuration:
+# set backlog_memcap to the size of memory that will be
+# allocated to store events in memory if data is temporary down
+# and insert them when the database came back.
+#backlog_memcap=1000000
+# number of events to insert at once when backlog is not empty
+#backlog_oneshot_requests=10
[mysql2]
db="nulog"
#schema="public"
pass="changeme"
procedure="INSERT_PACKET_FULL"
+# connstring can be used to define PostgreSQL connection string which
+# contains all parameters of the connection. If set, this value has
+# precedence on other variables used to build the connection string.
+# See http://www.postgresql.org/docs/9.2/static/libpq-connect.html#LIBPQ-CONNSTRING
+# for a complete description of options.
+#connstring="host=localhost port=4321 dbname=nulog user=nupik password=changeme"
+#backlog_memcap=1000000
+#backlog_oneshot_requests=10
+# If superior to 1 a thread dedicated to SQL request execution
+# is created. The value stores the number of SQL request to keep
+# in the ring buffer
+#ring_buffer_size=1000
[pgsql2]
db="nulog"
[nacct1]
sync = 1
+#file = /var/log/ulogd/ulogd_nacct.log
[mark1]
mark = 1
# logfile for status messages
logfile="/var/log/ulogd/daemon.log"
-# loglevel: debug(1), info(3), notice(5), error(7) or fatal(8)
+# loglevel: debug(1), info(3), notice(5), error(7) or fatal(8) (default 5)
loglevel=3
######################################################################
plugin="/usr/lib64/ulogd/ulogd_inppkt_NFLOG.so"
plugin="/usr/lib64/ulogd/ulogd_inppkt_ULOG.so"
+#plugin="/usr/lib64/ulogd/ulogd_inppkt_UNIXSOCK.so"
plugin="/usr/lib64/ulogd/ulogd_inpflow_NFCT.so"
plugin="/usr/lib64/ulogd/ulogd_filter_IFINDEX.so"
plugin="/usr/lib64/ulogd/ulogd_filter_IP2STR.so"
plugin="/usr/lib64/ulogd/ulogd_filter_IP2BIN.so"
+#plugin="/usr/lib64/ulogd/ulogd_filter_IP2HBIN.so"
plugin="/usr/lib64/ulogd/ulogd_filter_PRINTPKT.so"
plugin="/usr/lib64/ulogd/ulogd_filter_HWHDR.so"
plugin="/usr/lib64/ulogd/ulogd_filter_PRINTFLOW.so"
#plugin="/usr/lib64/ulogd/ulogd_filter_MARK.so"
plugin="/usr/lib64/ulogd/ulogd_output_LOGEMU.so"
-#plugin="/usr/lib64/ulogd/ulogd_output_SYSLOG.so"
-#plugin="/usr/lib64/ulogd/ulogd_output_XML.so"
-#plugin="/usr/lib64/ulogd/ulogd_output_OPRINT.so"
+plugin="/usr/lib64/ulogd/ulogd_output_SYSLOG.so"
+plugin="/usr/lib64/ulogd/ulogd_output_XML.so"
+#plugin="/usr/lib64/ulogd/ulogd_output_SQLITE3.so"
+plugin="/usr/lib64/ulogd/ulogd_output_GPRINT.so"
#plugin="/usr/lib64/ulogd/ulogd_output_NACCT.so"
#plugin="/usr/lib64/ulogd/ulogd_output_PCAP.so"
#plugin="/usr/lib64/ulogd/ulogd_output_PGSQL.so"
#plugin="/usr/lib64/ulogd/ulogd_output_MYSQL.so"
#plugin="/usr/lib64/ulogd/ulogd_output_DBI.so"
plugin="/usr/lib64/ulogd/ulogd_raw2packet_BASE.so"
+plugin="/usr/lib64/ulogd/ulogd_inpflow_NFACCT.so"
+plugin="/usr/lib64/ulogd/ulogd_output_GRAPHITE.so"
# this is a stack for logging packet send by system via LOGEMU
stack=log1:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
# this is a stack for packet-based logging via LOGEMU with filtering on MARK
#stack=log2:NFLOG,mark1:MARK,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
+# this is a stack for packet-based logging via GPRINT
+#stack=log1:NFLOG,gp1:GPRINT
+
# this is a stack for flow-based logging via LOGEMU
#stack=ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,emu1:LOGEMU
-# this is a stack for flow-based logging via OPRINT
-#stack=ct1:NFCT,op1:OPRINT
+# this is a stack for flow-based logging via GPRINT
+#stack=ct1:NFCT,gp1:GPRINT
# this is a stack for flow-based logging via XML
#stack=ct1:NFCT,xml1:XML
# this is a stack for logging in XML
#stack=log1:NFLOG,xml1:XML
+# this is a stack for accounting-based logging via XML
+#stack=acct1:NFACCT,xml1:XML
+
+# this is a stack for accounting-based logging to a Graphite server
+#stack=acct1:NFACCT,graphite1:GRAPHITE
+
# this is a stack for NFLOG packet-based logging to PCAP
#stack=log2:NFLOG,base1:BASE,pcap1:PCAP
# this is a stack for logging packets to syslog after a collect via NFLOG
#stack=log3:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,sys1:SYSLOG
+# this is a stack for logging packets to syslog after a collect via NuFW
+#stack=nuauth1:UNIXSOCK,base1:BASE,ip2str1:IP2STR,print1:PRINTPKT,sys1:SYSLOG
+
# this is a stack for flow-based logging to MySQL
#stack=ct1:NFCT,ip2bin1:IP2BIN,mysql2:MYSQL
# this is a stack for flow-based logging to PGSQL without local hash
#stack=ct1:NFCT,ip2str1:IP2STR,pgsql3:PGSQL
+# this is a stack for flow-based logging to SQLITE3
+#stack=ct1:NFCT,sqlite3_ct:SQLITE3
+
+# this is a stack for logging packet to SQLITE3
+#stack=log1:NFLOG,sqlite3_pkt:SQLITE3
# this is a stack for flow-based logging in NACCT compatible format
#stack=ct1:NFCT,ip2str1:IP2STR,nacct1:NACCT
+# this is a stack for accounting-based logging via GPRINT
+#stack=acct1:NFACCT,gp1:GPRINT
+
[ct1]
#netlink_socket_buffer_size=217088
#netlink_socket_buffer_maxsize=1085440
#netlink_resync_timeout=60 # seconds to wait to perform resynchronization
#pollinterval=10 # use poll-based logging instead of event-driven
+# If pollinterval is not set, NFCT plugin will work in event mode
+# In this case, you can use the following filters on events:
+#accept_src_filter=192.168.1.0/24,1:2::/64 # source ip of connection must belong to these networks
+#accept_dst_filter=192.168.1.0/24 # destination ip of connection must belong to these networks
+#accept_proto_filter=tcp,sctp # layer 4 proto of connections
[ct2]
#netlink_socket_buffer_size=217088
#netlink_socket_buffer_maxsize=1085440
+#reliable=1 # enable reliable flow-based logging (may drop packets)
hash_enable=0
# Logging of system packet through NFLOG
nlgroup=1
#numeric_label=0 # optional argument
+[nuauth1]
+socket_path="/run/nuauth_ulogd2.sock"
+
[emu1]
file="/var/log/ulogd/syslogemu.log"
sync=1
[op1]
file="/var/log/ulogd/oprint.log"
-#file="/var/log/ulogd_oprint.log"
sync=1
+[gp1]
+file="/var/log/ulogd/gprint.log"
+sync=1
+timestamp=1
+
[xml1]
directory="/var/log/ulogd/"
sync=1
[pcap1]
+#default file is /var/log/ulogd/ulogd.pcap
+#file=/var/log/ulogd/ulogd.pcap
sync=1
[mysql1]
db="nulog"
host="localhost"
user="nupik"
-table="ulog"
+table="conntrack"
pass="changeme"
procedure="INSERT_CT"
host="localhost"
user="nupik"
table="ulog"
+#schema="public"
pass="changeme"
procedure="INSERT_PACKET_FULL"
host="localhost"
user="nupik"
table="ulog2_ct"
+#schema="public"
pass="changeme"
procedure="INSERT_CT"
host="localhost"
user="nupik"
table="ulog2_ct"
+#schema="public"
pass="changeme"
procedure="INSERT_OR_REPLACE_CT"
+[pgsql4]
+db="nulog"
+host="localhost"
+user="nupik"
+table="nfacct"
+#schema="public"
+pass="changeme"
+procedure="INSERT_NFACCT"
+
[dbi1]
db="ulog2"
dbtype="pgsql"
pass="ulog2"
procedure="INSERT_PACKET_FULL"
+[sqlite3_ct]
+table="ulog_ct"
+db="/var/log/ulogd/ulogd.sqlite3db"
+buffer=200
+
+[sqlite3_pkt]
+table="ulog_pkt"
+db="/var/log/ulogd/ulogd.sqlite3db"
+buffer=200
+
[sys2]
facility=LOG_LOCAL2
[mark1]
mark = 1
+
+[acct1]
+pollinterval = 2
+# If set to 0, we don't reset the counters for each polling (default is 1).
+#zerocounter = 0
+# Set timestamp (default is 0, which means not set). This timestamp can be
+# interpreted by the output plugin.
+#timestamp = 1
+
+[graphite1]
+host="127.0.0.1"
+port="2003"
+# Prefix of data name sent to graphite server
+prefix="netfilter.nfacct"
--- /dev/null
+# Example configuration for ulogd
+# $Id: ulogd.conf,v 1.3 2010/10/12 07:51:44 root Exp $
+# Adapted to Debian by Achilleas Kotsis <achille@debian.gr>
+
+[global]
+######################################################################
+# GLOBAL OPTIONS
+######################################################################
+
+
+# logfile for status messages
+logfile="/var/log/ulogd/daemon.log"
+
+# loglevel: debug(1), info(3), notice(5), error(7) or fatal(8)
+loglevel=3
+
+######################################################################
+# PLUGIN OPTIONS
+######################################################################
+
+# We have to configure and load all the plugins we want to use
+
+# general rules:
+# 1. load the plugins _first_ from the global section
+# 2. options for each plugin in seperate section below
+
+
+plugin="/usr/lib64/ulogd/ulogd_inppkt_NFLOG.so"
+plugin="/usr/lib64/ulogd/ulogd_inppkt_ULOG.so"
+plugin="/usr/lib64/ulogd/ulogd_inpflow_NFCT.so"
+plugin="/usr/lib64/ulogd/ulogd_filter_IFINDEX.so"
+plugin="/usr/lib64/ulogd/ulogd_filter_IP2STR.so"
+plugin="/usr/lib64/ulogd/ulogd_filter_IP2BIN.so"
+plugin="/usr/lib64/ulogd/ulogd_filter_PRINTPKT.so"
+plugin="/usr/lib64/ulogd/ulogd_filter_HWHDR.so"
+plugin="/usr/lib64/ulogd/ulogd_filter_PRINTFLOW.so"
+#plugin="/usr/lib64/ulogd/ulogd_filter_MARK.so"
+plugin="/usr/lib64/ulogd/ulogd_output_LOGEMU.so"
+#plugin="/usr/lib64/ulogd/ulogd_output_SYSLOG.so"
+#plugin="/usr/lib64/ulogd/ulogd_output_XML.so"
+#plugin="/usr/lib64/ulogd/ulogd_output_OPRINT.so"
+#plugin="/usr/lib64/ulogd/ulogd_output_NACCT.so"
+#plugin="/usr/lib64/ulogd/ulogd_output_PCAP.so"
+#plugin="/usr/lib64/ulogd/ulogd_output_PGSQL.so"
+#plugin="/usr/lib64/ulogd/ulogd_output_MYSQL.so"
+#plugin="/usr/lib64/ulogd/ulogd_output_DBI.so"
+plugin="/usr/lib64/ulogd/ulogd_raw2packet_BASE.so"
+
+# this is a stack for logging packet send by system via LOGEMU
+stack=log1:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
+
+# this is a stack for packet-based logging via LOGEMU
+stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
+
+# this is a stack for ULOG packet-based logging via LOGEMU
+stack=ulog1:ULOG,base1:BASE,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
+
+# this is a stack for packet-based logging via LOGEMU with filtering on MARK
+#stack=log2:NFLOG,mark1:MARK,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
+
+# this is a stack for flow-based logging via LOGEMU
+#stack=ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,emu1:LOGEMU
+
+# this is a stack for flow-based logging via OPRINT
+#stack=ct1:NFCT,op1:OPRINT
+
+# this is a stack for flow-based logging via XML
+#stack=ct1:NFCT,xml1:XML
+
+# this is a stack for logging in XML
+#stack=log1:NFLOG,xml1:XML
+
+# this is a stack for NFLOG packet-based logging to PCAP
+#stack=log2:NFLOG,base1:BASE,pcap1:PCAP
+
+# this is a stack for logging packet to MySQL
+#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2bin1:IP2BIN,mac2str1:HWHDR,mysql1:MYSQL
+
+# this is a stack for logging packet to PGsql after a collect via NFLOG
+#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,mac2str1:HWHDR,pgsql1:PGSQL
+
+# this is a stack for logging packets to syslog after a collect via NFLOG
+#stack=log3:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,sys1:SYSLOG
+
+# this is a stack for flow-based logging to MySQL
+#stack=ct1:NFCT,ip2bin1:IP2BIN,mysql2:MYSQL
+
+# this is a stack for flow-based logging to PGSQL
+#stack=ct1:NFCT,ip2str1:IP2STR,pgsql2:PGSQL
+
+# this is a stack for flow-based logging to PGSQL without local hash
+#stack=ct1:NFCT,ip2str1:IP2STR,pgsql3:PGSQL
+
+
+# this is a stack for flow-based logging in NACCT compatible format
+#stack=ct1:NFCT,ip2str1:IP2STR,nacct1:NACCT
+
+[ct1]
+#netlink_socket_buffer_size=217088
+#netlink_socket_buffer_maxsize=1085440
+#netlink_resync_timeout=60 # seconds to wait to perform resynchronization
+#pollinterval=10 # use poll-based logging instead of event-driven
+
+[ct2]
+#netlink_socket_buffer_size=217088
+#netlink_socket_buffer_maxsize=1085440
+hash_enable=0
+
+# Logging of system packet through NFLOG
+[log1]
+# netlink multicast group (the same as the iptables --nflog-group param)
+# Group O is used by the kernel to log connection tracking invalid message
+group=0
+#netlink_socket_buffer_size=217088
+#netlink_socket_buffer_maxsize=1085440
+# set number of packet to queue inside kernel
+#netlink_qthreshold=1
+# set the delay before flushing packet in the queue inside kernel (in 10ms)
+#netlink_qtimeout=100
+
+# packet logging through NFLOG for group 1
+[log2]
+# netlink multicast group (the same as the iptables --nflog-group param)
+group=1 # Group has to be different from the one use in log1
+#netlink_socket_buffer_size=217088
+#netlink_socket_buffer_maxsize=1085440
+# If your kernel is older than 2.6.29 and if a NFLOG input plugin with
+# group 0 is not used by any stack, you need to have at least one NFLOG
+# input plugin with bind set to 1. If you don't do that you may not
+# receive any message from the kernel.
+#bind=1
+
+# packet logging through NFLOG for group 2, numeric_label is
+# set to 1
+[log3]
+# netlink multicast group (the same as the iptables --nflog-group param)
+group=2 # Group has to be different from the one use in log1/log2
+numeric_label=1 # you can label the log info based on the packet verdict
+#netlink_socket_buffer_size=217088
+#netlink_socket_buffer_maxsize=1085440
+#bind=1
+
+[ulog1]
+# netlink multicast group (the same as the iptables --ulog-nlgroup param)
+nlgroup=1
+#numeric_label=0 # optional argument
+
+[emu1]
+file="/var/log/ulogd/syslogemu.log"
+sync=1
+
+[op1]
+file="/var/log/ulogd/oprint.log"
+#file="/var/log/ulogd_oprint.log"
+sync=1
+
+[xml1]
+directory="/var/log/ulogd/"
+sync=1
+
+[pcap1]
+sync=1
+
+[mysql1]
+db="nulog"
+host="localhost"
+user="nupik"
+table="ulog"
+pass="changeme"
+procedure="INSERT_PACKET_FULL"
+
+[mysql2]
+db="nulog"
+host="localhost"
+user="nupik"
+table="ulog"
+pass="changeme"
+procedure="INSERT_CT"
+
+[pgsql1]
+db="nulog"
+host="localhost"
+user="nupik"
+table="ulog"
+pass="changeme"
+procedure="INSERT_PACKET_FULL"
+
+[pgsql2]
+db="nulog"
+host="localhost"
+user="nupik"
+table="ulog2_ct"
+pass="changeme"
+procedure="INSERT_CT"
+
+[pgsql3]
+db="nulog"
+host="localhost"
+user="nupik"
+table="ulog2_ct"
+pass="changeme"
+procedure="INSERT_OR_REPLACE_CT"
+
+[dbi1]
+db="ulog2"
+dbtype="pgsql"
+host="localhost"
+user="ulog2"
+table="ulog"
+pass="ulog2"
+procedure="INSERT_PACKET_FULL"
+
+[sys2]
+facility=LOG_LOCAL2
+
+[nacct1]
+sync = 1
+
+[mark1]
+mark = 1
# by the input plugin is coding the action on packet: if 0, then
# packet has been blocked and if non null it has been accepted.
#boolean_label=1
+# Uncomment the following line to use JSON v1 event format that
+# can provide better compatility with some JSON file reader.
+#eventv1=1
[pcap1]
#default file is /var/log/ulogd/ulogd.pcap
[sqlite3_ct]
table="ulog_ct"
db="/var/log/ulogd/ulogd.sqlite3db"
-buffer=200
[sqlite3_pkt]
table="ulog_pkt"
db="/var/log/ulogd/ulogd.sqlite3db"
-buffer=200
[sys2]
facility=LOG_LOCAL2
# Modified by: Martin Schlemmer, <azarah@gentoo.org>
# Modified by: Mike Frysinger, <vapier@gentoo.org>
# Modified by: Robin H. Johnson, <robbat2@gentoo.org>
+# Modified by: William Hubbs, <williamh@gentoo.org>
#
-# $Header: /var/cvsroot/gentoo-x86/sys-apps/sysvinit/files/inittab-2.87,v 1.2 2013/04/20 03:51:26 vapier Exp $
+# $Id$
# Default runlevel.
id:3:initdefault:
# System initialization, mount local filesystems, etc.
-si::sysinit:/sbin/rc sysinit
+si::sysinit:/sbin/openrc sysinit
# Further system initialization, brings up the boot runlevel.
-rc::bootwait:/sbin/rc boot
-
-l0:0:wait:/sbin/rc shutdown
-l0s:0:wait:/sbin/halt -dhp
-l1:1:wait:/sbin/rc single
-l2:2:wait:/sbin/rc nonetwork
-l3:3:wait:/sbin/rc default
-l4:4:wait:/sbin/rc default
-l5:5:wait:/sbin/rc default
-l6:6:wait:/sbin/rc reboot
-l6r:6:wait:/sbin/reboot -dk
+rc::bootwait:/sbin/openrc boot
+
+l0:0:wait:/sbin/openrc shutdown
+l0s:0:wait:/sbin/halt -dhnp
+l1:1:wait:/sbin/openrc single
+l2:2:wait:/sbin/openrc nonetwork
+l3:3:wait:/sbin/openrc default
+l4:4:wait:/sbin/openrc default
+l5:5:wait:/sbin/openrc default
+l6:6:wait:/sbin/openrc reboot
+l6r:6:wait:/sbin/reboot -dkn
#z6:6:respawn:/sbin/sulogin
# new-style single-user
-su0:S:wait:/sbin/rc single
+su0:S:wait:/sbin/openrc single
su1:S:wait:/sbin/sulogin
# TERMINALS
+#x1:12345:respawn:/sbin/agetty 38400 console linux
c1:12345:respawn:/sbin/agetty --noclear 38400 tty1 linux
c2:2345:respawn:/sbin/agetty 38400 tty2 linux
c3:2345:respawn:/sbin/agetty 38400 tty3 linux
# compatible delivery agent that lookups all recipients in /etc/passwd
# and /etc/aliases or their equivalent.
#
-# The default is $myhostname + localhost.$mydomain. On a mail domain
-# gateway, you should also include $mydomain.
+# The default is $myhostname + localhost.$mydomain + localhost. On
+# a mail domain gateway, you should also include $mydomain.
#
# Do not specify the names of virtual domains - those domains are
# specified elsewhere (see VIRTUAL_README).
# html_directory: The location of the Postfix HTML documentation.
#
-html_directory = /usr/share/doc/postfix-3.0.3-r1/html
+html_directory = /usr/share/doc/postfix-3.1.0/html
# manpage_directory: The location of the Postfix on-line manual pages.
#
# readme_directory: The location of the Postfix README files.
#
-readme_directory = /usr/share/doc/postfix-3.0.3-r1/readme
-
+readme_directory = /usr/share/doc/postfix-3.1.0/readme
#inet_protocols = ipv4
meta_directory = /etc/postfix
shlib_directory = /usr/lib64/postfix/${mail_version}
# by the input plugin is coding the action on packet: if 0, then
# packet has been blocked and if non null it has been accepted.
#boolean_label=1
+# Uncomment the following line to use JSON v1 event format that
+# can provide better compatility with some JSON file reader.
+#eventv1=1
[pcap1]
#default file is /var/log/ulogd/ulogd.pcap
[sqlite3_ct]
table="ulog_ct"
db="/var/log/ulogd/ulogd.sqlite3db"
-buffer=200
[sqlite3_pkt]
table="ulog_pkt"
db="/var/log/ulogd/ulogd.sqlite3db"
-buffer=200
[sys2]
facility=LOG_LOCAL2
projects / config / helga / etc.git / commitdiff