Bering-uClibc LEAF 5.x ulogd 改為 ulogd2,kernel 不支援 ulog 改為 nflog
安裝 ulogd-mysql 套件
ulogd-mysql
SHOREWALL 相關設定
/etc/shorewall/policy
#設定要 log 條件,NFLOG(4) 指定 nflog-group 4
vpn net ACCEPT NFLOG(4)
/etc/shorewall/rules
#設定要 log 條件,NFLOG(4) 指定 nflog-group 4
SSH(ACCEPT):NFLOG(4) loc fw
ULOGD2相關設定
修改 /etc/ulogd.conf 相關設定
plugin="/usr/lib/ulogd/ulogd_output_MYSQL.so"
stack=log4:NFLOG,base1:BASE,ifi1:IFINDEX,ip2bin1:IP2BIN,mac2str1:HWHDR,mysql1:MYSQL
[mysql1]
db="ulog2"
host="192.168.1.1"
user="ulog"
table="ulog" #表格名稱不能異動 ulog 為 view
pass="ulog"
procedure="INSERT_PACKET_FULL"
[log4]
group=4
numeric_label=4
查詢 ULOGD2 版本
ulogd -V
MySQL Server相關設定
1.建立相關資料庫及帳號
2.下載 ULOGD2 MySQL SQL,設定資料庫 http://www.netfilter.org/projects/ulogd/
/ulogd-2.????/doc/ mysql-ulogd2.sql
https://github.com/inliniac/ulogd2/blob/master/doc/mysql-ulogd2.sql
沒有留言:
張貼留言