From d0b3277e021ad55604f850885a4d3cb27d429724 Mon Sep 17 00:00:00 2001 From: Frank Brehm Date: Wed, 4 Feb 2015 13:36:16 +0100 Subject: [PATCH] Current state --- .etckeeper | 3 +- config-archive/etc/ulogd.conf | 21 +- config-archive/etc/ulogd.conf.1 | 89 ++++++- config-archive/etc/ulogd.conf.2 | 219 ++++++++++++++++++ config-archive/etc/ulogd.conf.dist | 15 ++ cups/cups-files.conf | 11 +- cups/cupsd.conf | 9 +- cups/snmp.conf | 10 +- iproute2/rt_dsfield | 26 +-- mysql/my.cnf | 26 +-- portage/make.conf | 2 + .../{busybox-1.23.0 => busybox-1.23.0-r1} | 120 +++++----- ulogd.conf | 15 ++ 13 files changed, 444 insertions(+), 122 deletions(-) create mode 100644 config-archive/etc/ulogd.conf.2 rename portage/savedconfig/sys-apps/{busybox-1.23.0 => busybox-1.23.0-r1} (90%) diff --git a/.etckeeper b/.etckeeper index 122b1d6..8342b27 100755 --- a/.etckeeper +++ b/.etckeeper @@ -609,6 +609,7 @@ maybe chmod 0644 'config-archive/etc/sysstat' maybe chmod 0644 'config-archive/etc/sysstat.dist' maybe chmod 0640 'config-archive/etc/ulogd.conf' maybe chmod 0640 'config-archive/etc/ulogd.conf.1' +maybe chmod 0640 'config-archive/etc/ulogd.conf.2' maybe chmod 0640 'config-archive/etc/ulogd.conf.dist' maybe chmod 0755 'config-archive/usr' maybe chmod 0755 'config-archive/usr/share' @@ -1558,7 +1559,7 @@ maybe chmod 0755 'portage/repos.conf' maybe chmod 0644 'portage/repos.conf/gentoo.conf' maybe chmod 0755 'portage/savedconfig' maybe chmod 0755 'portage/savedconfig/sys-apps' -maybe chmod 0644 'portage/savedconfig/sys-apps/busybox-1.23.0' +maybe chmod 0644 'portage/savedconfig/sys-apps/busybox-1.23.0-r1' maybe chmod 0755 'postfix' maybe chmod 0644 'postfix/.gitignore' maybe chmod 0644 'postfix/.keep_mail-mta_postfix-0' diff --git a/config-archive/etc/ulogd.conf b/config-archive/etc/ulogd.conf index dd4e6ce..b68bed8 100644 --- a/config-archive/etc/ulogd.conf +++ b/config-archive/etc/ulogd.conf @@ -197,7 +197,7 @@ sync=1 [pcap1] #default file is /var/log/ulogd/ulogd.pcap -#file=/var/log/ulogd/ulogd.pcap +#file="/var/log/ulogd/ulogd.pcap" sync=1 [mysql1] @@ -207,6 +207,13 @@ user="nupik" table="ulog" pass="changeme" procedure="INSERT_PACKET_FULL" +# backlog configuration: +# set backlog_memcap to the size of memory that will be +# allocated to store events in memory if data is temporary down +# and insert them when the database came back. +#backlog_memcap=1000000 +# number of events to insert at once when backlog is not empty +#backlog_oneshot_requests=10 [mysql2] db="nulog" @@ -224,6 +231,18 @@ table="ulog" #schema="public" pass="changeme" procedure="INSERT_PACKET_FULL" +# connstring can be used to define PostgreSQL connection string which +# contains all parameters of the connection. If set, this value has +# precedence on other variables used to build the connection string. +# See http://www.postgresql.org/docs/9.2/static/libpq-connect.html#LIBPQ-CONNSTRING +# for a complete description of options. +#connstring="host=localhost port=4321 dbname=nulog user=nupik password=changeme" +#backlog_memcap=1000000 +#backlog_oneshot_requests=10 +# If superior to 1 a thread dedicated to SQL request execution +# is created. The value stores the number of SQL request to keep +# in the ring buffer +#ring_buffer_size=1000 [pgsql2] db="nulog" diff --git a/config-archive/etc/ulogd.conf.1 b/config-archive/etc/ulogd.conf.1 index 9f742c3..dd4e6ce 100644 --- a/config-archive/etc/ulogd.conf.1 +++ b/config-archive/etc/ulogd.conf.1 @@ -1,5 +1,4 @@ # Example configuration for ulogd -# $Id$ # Adapted to Debian by Achilleas Kotsis [global] @@ -11,7 +10,7 @@ # logfile for status messages logfile="/var/log/ulogd/ulogd.log" -# loglevel: debug(1), info(3), notice(5), error(7) or fatal(8) +# loglevel: debug(1), info(3), notice(5), error(7) or fatal(8) (default 5) loglevel=3 ###################################################################### @@ -27,10 +26,12 @@ loglevel=3 plugin="/usr/lib64/ulogd/ulogd_inppkt_NFLOG.so" plugin="/usr/lib64/ulogd/ulogd_inppkt_ULOG.so" +#plugin="/usr/lib64/ulogd/ulogd_inppkt_UNIXSOCK.so" plugin="/usr/lib64/ulogd/ulogd_inpflow_NFCT.so" plugin="/usr/lib64/ulogd/ulogd_filter_IFINDEX.so" plugin="/usr/lib64/ulogd/ulogd_filter_IP2STR.so" plugin="/usr/lib64/ulogd/ulogd_filter_IP2BIN.so" +#plugin="/usr/lib64/ulogd/ulogd_filter_IP2HBIN.so" plugin="/usr/lib64/ulogd/ulogd_filter_PRINTPKT.so" plugin="/usr/lib64/ulogd/ulogd_filter_HWHDR.so" plugin="/usr/lib64/ulogd/ulogd_filter_PRINTFLOW.so" @@ -38,13 +39,16 @@ plugin="/usr/lib64/ulogd/ulogd_filter_PRINTFLOW.so" plugin="/usr/lib64/ulogd/ulogd_output_LOGEMU.so" plugin="/usr/lib64/ulogd/ulogd_output_SYSLOG.so" plugin="/usr/lib64/ulogd/ulogd_output_XML.so" -#plugin="/usr/lib64/ulogd/ulogd_output_OPRINT.so" +#plugin="/usr/lib64/ulogd/ulogd_output_SQLITE3.so" +plugin="/usr/lib64/ulogd/ulogd_output_GPRINT.so" #plugin="/usr/lib64/ulogd/ulogd_output_NACCT.so" #plugin="/usr/lib64/ulogd/ulogd_output_PCAP.so" #plugin="/usr/lib64/ulogd/ulogd_output_PGSQL.so" #plugin="/usr/lib64/ulogd/ulogd_output_MYSQL.so" #plugin="/usr/lib64/ulogd/ulogd_output_DBI.so" plugin="/usr/lib64/ulogd/ulogd_raw2packet_BASE.so" +plugin="/usr/lib64/ulogd/ulogd_inpflow_NFACCT.so" +plugin="/usr/lib64/ulogd/ulogd_output_GRAPHITE.so" # this is a stack for logging packet send by system via LOGEMU stack=log1:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU @@ -58,11 +62,14 @@ stack=ulog1:ULOG,base1:BASE,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU # this is a stack for packet-based logging via LOGEMU with filtering on MARK #stack=log2:NFLOG,mark1:MARK,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU +# this is a stack for packet-based logging via GPRINT +#stack=log1:NFLOG,gp1:GPRINT + # this is a stack for flow-based logging via LOGEMU #stack=ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,emu1:LOGEMU -# this is a stack for flow-based logging via OPRINT -#stack=ct1:NFCT,op1:OPRINT +# this is a stack for flow-based logging via GPRINT +#stack=ct1:NFCT,gp1:GPRINT # this is a stack for flow-based logging via XML #stack=ct1:NFCT,xml1:XML @@ -70,6 +77,12 @@ stack=ulog1:ULOG,base1:BASE,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU # this is a stack for logging in XML #stack=log1:NFLOG,xml1:XML +# this is a stack for accounting-based logging via XML +#stack=acct1:NFACCT,xml1:XML + +# this is a stack for accounting-based logging to a Graphite server +#stack=acct1:NFACCT,graphite1:GRAPHITE + # this is a stack for NFLOG packet-based logging to PCAP #stack=log2:NFLOG,base1:BASE,pcap1:PCAP @@ -82,6 +95,9 @@ stack=ulog1:ULOG,base1:BASE,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU # this is a stack for logging packets to syslog after a collect via NFLOG #stack=log3:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,sys1:SYSLOG +# this is a stack for logging packets to syslog after a collect via NuFW +#stack=nuauth1:UNIXSOCK,base1:BASE,ip2str1:IP2STR,print1:PRINTPKT,sys1:SYSLOG + # this is a stack for flow-based logging to MySQL #stack=ct1:NFCT,ip2bin1:IP2BIN,mysql2:MYSQL @@ -91,19 +107,33 @@ stack=ulog1:ULOG,base1:BASE,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU # this is a stack for flow-based logging to PGSQL without local hash #stack=ct1:NFCT,ip2str1:IP2STR,pgsql3:PGSQL +# this is a stack for flow-based logging to SQLITE3 +#stack=ct1:NFCT,sqlite3_ct:SQLITE3 + +# this is a stack for logging packet to SQLITE3 +#stack=log1:NFLOG,sqlite3_pkt:SQLITE3 # this is a stack for flow-based logging in NACCT compatible format #stack=ct1:NFCT,ip2str1:IP2STR,nacct1:NACCT +# this is a stack for accounting-based logging via GPRINT +#stack=acct1:NFACCT,gp1:GPRINT + [ct1] #netlink_socket_buffer_size=217088 #netlink_socket_buffer_maxsize=1085440 #netlink_resync_timeout=60 # seconds to wait to perform resynchronization #pollinterval=10 # use poll-based logging instead of event-driven +# If pollinterval is not set, NFCT plugin will work in event mode +# In this case, you can use the following filters on events: +#accept_src_filter=192.168.1.0/24,1:2::/64 # source ip of connection must belong to these networks +#accept_dst_filter=192.168.1.0/24 # destination ip of connection must belong to these networks +#accept_proto_filter=tcp,sctp # layer 4 proto of connections [ct2] #netlink_socket_buffer_size=217088 #netlink_socket_buffer_maxsize=1085440 +#reliable=1 # enable reliable flow-based logging (may drop packets) hash_enable=0 # Logging of system packet through NFLOG @@ -145,6 +175,9 @@ numeric_label=1 # you can label the log info based on the packet verdict nlgroup=1 #numeric_label=0 # optional argument +[nuauth1] +socket_path="/run/nuauth_ulogd2.sock" + [emu1] file="/var/log/ulogd/syslogemu.log" sync=1 @@ -153,11 +186,18 @@ sync=1 file="/var/log/ulogd/oprint.log" sync=1 +[gp1] +file="/var/log/ulogd/ulogd_gprint.log" +sync=1 +timestamp=1 + [xml1] directory="/var/log/ulogd/" sync=1 [pcap1] +#default file is /var/log/ulogd/ulogd.pcap +#file=/var/log/ulogd/ulogd.pcap sync=1 [mysql1] @@ -172,7 +212,7 @@ procedure="INSERT_PACKET_FULL" db="nulog" host="localhost" user="nupik" -table="ulog" +table="conntrack" pass="changeme" procedure="INSERT_CT" @@ -181,6 +221,7 @@ db="nulog" host="localhost" user="nupik" table="ulog" +#schema="public" pass="changeme" procedure="INSERT_PACKET_FULL" @@ -189,6 +230,7 @@ db="nulog" host="localhost" user="nupik" table="ulog2_ct" +#schema="public" pass="changeme" procedure="INSERT_CT" @@ -197,9 +239,19 @@ db="nulog" host="localhost" user="nupik" table="ulog2_ct" +#schema="public" pass="changeme" procedure="INSERT_OR_REPLACE_CT" +[pgsql4] +db="nulog" +host="localhost" +user="nupik" +table="nfacct" +#schema="public" +pass="changeme" +procedure="INSERT_NFACCT" + [dbi1] db="ulog2" dbtype="pgsql" @@ -209,11 +261,36 @@ table="ulog" pass="ulog2" procedure="INSERT_PACKET_FULL" +[sqlite3_ct] +table="ulog_ct" +db="/var/log/ulogd/ulogd.sqlite3db" +buffer=200 + +[sqlite3_pkt] +table="ulog_pkt" +db="/var/log/ulogd/ulogd.sqlite3db" +buffer=200 + [sys2] facility=LOG_LOCAL2 [nacct1] sync = 1 +#file = /var/log/ulogd/ulogd_nacct.log [mark1] mark = 1 + +[acct1] +pollinterval = 2 +# If set to 0, we don't reset the counters for each polling (default is 1). +#zerocounter = 0 +# Set timestamp (default is 0, which means not set). This timestamp can be +# interpreted by the output plugin. +#timestamp = 1 + +[graphite1] +host="127.0.0.1" +port="2003" +# Prefix of data name sent to graphite server +prefix="netfilter.nfacct" diff --git a/config-archive/etc/ulogd.conf.2 b/config-archive/etc/ulogd.conf.2 new file mode 100644 index 0000000..9f742c3 --- /dev/null +++ b/config-archive/etc/ulogd.conf.2 @@ -0,0 +1,219 @@ +# Example configuration for ulogd +# $Id$ +# Adapted to Debian by Achilleas Kotsis + +[global] +###################################################################### +# GLOBAL OPTIONS +###################################################################### + + +# logfile for status messages +logfile="/var/log/ulogd/ulogd.log" + +# loglevel: debug(1), info(3), notice(5), error(7) or fatal(8) +loglevel=3 + +###################################################################### +# PLUGIN OPTIONS +###################################################################### + +# We have to configure and load all the plugins we want to use + +# general rules: +# 1. load the plugins _first_ from the global section +# 2. options for each plugin in seperate section below + + +plugin="/usr/lib64/ulogd/ulogd_inppkt_NFLOG.so" +plugin="/usr/lib64/ulogd/ulogd_inppkt_ULOG.so" +plugin="/usr/lib64/ulogd/ulogd_inpflow_NFCT.so" +plugin="/usr/lib64/ulogd/ulogd_filter_IFINDEX.so" +plugin="/usr/lib64/ulogd/ulogd_filter_IP2STR.so" +plugin="/usr/lib64/ulogd/ulogd_filter_IP2BIN.so" +plugin="/usr/lib64/ulogd/ulogd_filter_PRINTPKT.so" +plugin="/usr/lib64/ulogd/ulogd_filter_HWHDR.so" +plugin="/usr/lib64/ulogd/ulogd_filter_PRINTFLOW.so" +#plugin="/usr/lib64/ulogd/ulogd_filter_MARK.so" +plugin="/usr/lib64/ulogd/ulogd_output_LOGEMU.so" +plugin="/usr/lib64/ulogd/ulogd_output_SYSLOG.so" +plugin="/usr/lib64/ulogd/ulogd_output_XML.so" +#plugin="/usr/lib64/ulogd/ulogd_output_OPRINT.so" +#plugin="/usr/lib64/ulogd/ulogd_output_NACCT.so" +#plugin="/usr/lib64/ulogd/ulogd_output_PCAP.so" +#plugin="/usr/lib64/ulogd/ulogd_output_PGSQL.so" +#plugin="/usr/lib64/ulogd/ulogd_output_MYSQL.so" +#plugin="/usr/lib64/ulogd/ulogd_output_DBI.so" +plugin="/usr/lib64/ulogd/ulogd_raw2packet_BASE.so" + +# this is a stack for logging packet send by system via LOGEMU +stack=log1:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU + +# this is a stack for packet-based logging via LOGEMU +stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU + +# this is a stack for ULOG packet-based logging via LOGEMU +stack=ulog1:ULOG,base1:BASE,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU + +# this is a stack for packet-based logging via LOGEMU with filtering on MARK +#stack=log2:NFLOG,mark1:MARK,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU + +# this is a stack for flow-based logging via LOGEMU +#stack=ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,emu1:LOGEMU + +# this is a stack for flow-based logging via OPRINT +#stack=ct1:NFCT,op1:OPRINT + +# this is a stack for flow-based logging via XML +#stack=ct1:NFCT,xml1:XML + +# this is a stack for logging in XML +#stack=log1:NFLOG,xml1:XML + +# this is a stack for NFLOG packet-based logging to PCAP +#stack=log2:NFLOG,base1:BASE,pcap1:PCAP + +# this is a stack for logging packet to MySQL +#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2bin1:IP2BIN,mac2str1:HWHDR,mysql1:MYSQL + +# this is a stack for logging packet to PGsql after a collect via NFLOG +#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,mac2str1:HWHDR,pgsql1:PGSQL + +# this is a stack for logging packets to syslog after a collect via NFLOG +#stack=log3:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,sys1:SYSLOG + +# this is a stack for flow-based logging to MySQL +#stack=ct1:NFCT,ip2bin1:IP2BIN,mysql2:MYSQL + +# this is a stack for flow-based logging to PGSQL +#stack=ct1:NFCT,ip2str1:IP2STR,pgsql2:PGSQL + +# this is a stack for flow-based logging to PGSQL without local hash +#stack=ct1:NFCT,ip2str1:IP2STR,pgsql3:PGSQL + + +# this is a stack for flow-based logging in NACCT compatible format +#stack=ct1:NFCT,ip2str1:IP2STR,nacct1:NACCT + +[ct1] +#netlink_socket_buffer_size=217088 +#netlink_socket_buffer_maxsize=1085440 +#netlink_resync_timeout=60 # seconds to wait to perform resynchronization +#pollinterval=10 # use poll-based logging instead of event-driven + +[ct2] +#netlink_socket_buffer_size=217088 +#netlink_socket_buffer_maxsize=1085440 +hash_enable=0 + +# Logging of system packet through NFLOG +[log1] +# netlink multicast group (the same as the iptables --nflog-group param) +# Group O is used by the kernel to log connection tracking invalid message +group=0 +#netlink_socket_buffer_size=217088 +#netlink_socket_buffer_maxsize=1085440 +# set number of packet to queue inside kernel +#netlink_qthreshold=1 +# set the delay before flushing packet in the queue inside kernel (in 10ms) +#netlink_qtimeout=100 + +# packet logging through NFLOG for group 1 +[log2] +# netlink multicast group (the same as the iptables --nflog-group param) +group=1 # Group has to be different from the one use in log1 +#netlink_socket_buffer_size=217088 +#netlink_socket_buffer_maxsize=1085440 +# If your kernel is older than 2.6.29 and if a NFLOG input plugin with +# group 0 is not used by any stack, you need to have at least one NFLOG +# input plugin with bind set to 1. If you don't do that you may not +# receive any message from the kernel. +#bind=1 + +# packet logging through NFLOG for group 2, numeric_label is +# set to 1 +[log3] +# netlink multicast group (the same as the iptables --nflog-group param) +group=2 # Group has to be different from the one use in log1/log2 +numeric_label=1 # you can label the log info based on the packet verdict +#netlink_socket_buffer_size=217088 +#netlink_socket_buffer_maxsize=1085440 +#bind=1 + +[ulog1] +# netlink multicast group (the same as the iptables --ulog-nlgroup param) +nlgroup=1 +#numeric_label=0 # optional argument + +[emu1] +file="/var/log/ulogd/syslogemu.log" +sync=1 + +[op1] +file="/var/log/ulogd/oprint.log" +sync=1 + +[xml1] +directory="/var/log/ulogd/" +sync=1 + +[pcap1] +sync=1 + +[mysql1] +db="nulog" +host="localhost" +user="nupik" +table="ulog" +pass="changeme" +procedure="INSERT_PACKET_FULL" + +[mysql2] +db="nulog" +host="localhost" +user="nupik" +table="ulog" +pass="changeme" +procedure="INSERT_CT" + +[pgsql1] +db="nulog" +host="localhost" +user="nupik" +table="ulog" +pass="changeme" +procedure="INSERT_PACKET_FULL" + +[pgsql2] +db="nulog" +host="localhost" +user="nupik" +table="ulog2_ct" +pass="changeme" +procedure="INSERT_CT" + +[pgsql3] +db="nulog" +host="localhost" +user="nupik" +table="ulog2_ct" +pass="changeme" +procedure="INSERT_OR_REPLACE_CT" + +[dbi1] +db="ulog2" +dbtype="pgsql" +host="localhost" +user="ulog2" +table="ulog" +pass="ulog2" +procedure="INSERT_PACKET_FULL" + +[sys2] +facility=LOG_LOCAL2 + +[nacct1] +sync = 1 + +[mark1] +mark = 1 diff --git a/config-archive/etc/ulogd.conf.dist b/config-archive/etc/ulogd.conf.dist index b9e0a98..e5aad26 100644 --- a/config-archive/etc/ulogd.conf.dist +++ b/config-archive/etc/ulogd.conf.dist @@ -49,6 +49,7 @@ plugin="/usr/lib64/ulogd/ulogd_output_GPRINT.so" plugin="/usr/lib64/ulogd/ulogd_raw2packet_BASE.so" plugin="/usr/lib64/ulogd/ulogd_inpflow_NFACCT.so" plugin="/usr/lib64/ulogd/ulogd_output_GRAPHITE.so" +#plugin="/usr/lib64/ulogd/ulogd_output_JSON.so" # this is a stack for logging packet send by system via LOGEMU #stack=log1:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU @@ -92,6 +93,9 @@ plugin="/usr/lib64/ulogd/ulogd_output_GRAPHITE.so" # this is a stack for logging packet to PGsql after a collect via NFLOG #stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,mac2str1:HWHDR,pgsql1:PGSQL +# this is a stack for logging packet to JSON formatted file after a collect via NFLOG +#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,mac2str1:HWHDR,json1:JSON + # this is a stack for logging packets to syslog after a collect via NFLOG #stack=log3:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,sys1:SYSLOG @@ -195,6 +199,17 @@ timestamp=1 directory="/var/log/ulogd/" sync=1 +[json1] +sync=1 +#file="/var/log/ulogd/ulogd.json" +#timestamp=0 +# device name to be used in JSON message +#device="My awesome Netfilter firewall" +# If boolean_label is set to 1 then the numeric_label put on packet +# by the input plugin is coding the action on packet: if 0, then +# packet has been blocked and if non null it has been accepted. +#boolean_label=1 + [pcap1] #default file is /var/log/ulogd/ulogd.pcap #file="/var/log/ulogd/ulogd.pcap" diff --git a/cups/cups-files.conf b/cups/cups-files.conf index e5f876e..9cbbad8 100644 --- a/cups/cups-files.conf +++ b/cups/cups-files.conf @@ -1,7 +1,5 @@ # -# "$Id: cups-files.conf.in 11201 2013-07-26 21:27:27Z msweet $" -# -# Sample file/directory/user/group configuration file for the CUPS scheduler. +# File/directory/user/group configuration file for the CUPS scheduler. # See "man cups-files.conf" for a complete description of this file. # @@ -17,6 +15,7 @@ #Group lp # Administrator user group, used to match @SYSTEM in cupsd.conf policy rules... +# This cannot contain the Group value for security reasons... SystemGroup lpadmin @@ -54,7 +53,7 @@ ErrorLog /var/log/cups/error_log #FontPath /usr/share/cups/fonts # Location of LPD configuration -#LPDConfigFile +#LPDConfigFile xinetd:///etc/xinetd.d/cups-lpd # Location of the file logging all pages printed by the scheduler and any # helper programs; may be the name "syslog". If not an absolute path, the value @@ -95,7 +94,3 @@ PageLog /var/log/cups/page_log # scheduler startup and cannot be one of the standard (public) temporary # directory locations for security reasons... #TempDir /var/spool/cups/tmp - -# -# End of "$Id: cups-files.conf.in 11201 2013-07-26 21:27:27Z msweet $". -# diff --git a/cups/cupsd.conf b/cups/cupsd.conf index 1ab109c..3d477a8 100644 --- a/cups/cupsd.conf +++ b/cups/cupsd.conf @@ -1,13 +1,12 @@ # -# "$Id: cupsd.conf.in 11025 2013-06-07 01:00:33Z msweet $" -# -# Sample configuration file for the CUPS scheduler. See "man cupsd.conf" for a +# Configuration file for the CUPS scheduler. See "man cupsd.conf" for a # complete description of this file. # # Log general information in error_log - change "warn" to "debug" # for troubleshooting... LogLevel warn +PageLogFormat # Only listen for connections from the local machine. Listen localhost:631 @@ -128,7 +127,3 @@ WebInterface Yes Order deny,allow - -# -# End of "$Id: cupsd.conf.in 11025 2013-06-07 01:00:33Z msweet $". -# diff --git a/cups/snmp.conf b/cups/snmp.conf index a672a80..a7d1e3b 100644 --- a/cups/snmp.conf +++ b/cups/snmp.conf @@ -1,13 +1,7 @@ # -# "$Id: snmp.conf.in 11025 2013-06-07 01:00:33Z msweet $" -# -# Sample SNMP configuration file for CUPS. See "man cups-snmp.conf" for a -# complete description of this file. +# SNMP configuration file for CUPS. See "man cups-snmp.conf" for a complete +# description of this file. # Address @LOCAL Community public - -# -# End of "$Id: snmp.conf.in 11025 2013-06-07 01:00:33Z msweet $". -# diff --git a/iproute2/rt_dsfield b/iproute2/rt_dsfield index 496ef66..c0f3679 100644 --- a/iproute2/rt_dsfield +++ b/iproute2/rt_dsfield @@ -1,17 +1,6 @@ -0x00 default -0x10 lowdelay -0x08 throughput -0x04 reliability -# This value overlap with ECT, do not use it! -0x02 mincost -# These values seems do not want to die, Cisco likes them by a strange reason. -0x20 priority -0x40 immediate -0x60 flash -0x80 flash-override -0xa0 critical -0xc0 internet -0xe0 network +# Differentiated field values +# These include the DSCP and unused bits +0x0 default # Newer RFC2597 values 0x28 AF11 0x30 AF12 @@ -25,3 +14,12 @@ 0x88 AF41 0x90 AF42 0x98 AF43 +# Older values RFC2474 +0x20 CS1 +0x40 CS2 +0x60 CS3 +0x80 CS4 +0xA0 CS5 +0xC0 CS6 +0xE0 CS7 +0x5C EF diff --git a/mysql/my.cnf b/mysql/my.cnf index 4829b67..dcd08b3 100644 --- a/mysql/my.cnf +++ b/mysql/my.cnf @@ -1,5 +1,5 @@ # /etc/mysql/my.cnf: The global mysql configuration file. -# $Header: /var/cvsroot/gentoo-x86/dev-db/mysql/files/my.cnf-5.5,v 1.4 2014/08/28 14:06:54 grknight Exp $ +# $Header: /var/cvsroot/gentoo-x86/dev-db/mysql/files/my.cnf-5.6,v 1.1 2014/10/08 16:42:41 grknight Exp $ # The following options will be passed to all MySQL clients [client] @@ -52,11 +52,11 @@ log-error = /var/log/mysql/mysqld.err basedir = /usr datadir = /var/lib/mysql skip-external-locking -key_buffer_size = 16M -max_allowed_packet = 1M -table_open_cache = 64 +key_buffer_size = 16M +max_allowed_packet = 4M +table_open_cache = 400 sort_buffer_size = 512K -net_buffer_length = 8K +net_buffer_length = 16K read_buffer_size = 256K read_rnd_buffer_size = 512K myisam_sort_buffer_size = 8M @@ -77,7 +77,7 @@ tmpdir = /tmp/ #log-update = /path-to-dedicated-directory/hostname # you need the debug USE flag enabled to use the following directives, -# if needed, uncomment them, start the server and issue +# if needed, uncomment them, start the server and issue # #tail -f /tmp/mysqld.sql /tmp/mysqld.trace # this will show you *exactly* what's happening in your server ;) @@ -86,17 +86,10 @@ tmpdir = /tmp/ #debug = d:t:i:o,/tmp/mysqld.trace #one-thread -# the following is the InnoDB configuration -# if you wish to disable innodb instead -# uncomment just the next line -#skip-innodb -# # the rest of the innodb config follows: # don't eat too much memory, we're trying to be safe on 64Mb boxes # you might want to bump this up a bit on boxes with more RAM -innodb_buffer_pool_size = 16M -# this is the default, increase it if you have lots of tables -innodb_additional_mem_pool_size = 2M +innodb_buffer_pool_size = 128M # # i'd like to use /var/lib/mysql/innodb, but that is seen as a database :-( # and upstream wants things to be under /var/lib/mysql/, so that's the route @@ -109,7 +102,7 @@ innodb_additional_mem_pool_size = 2M innodb_data_file_path = ibdata1:10M:autoextend:max:128M # we keep this at around 25% of of innodb_buffer_pool_size # sensible values range from 1MB to (1/innodb_log_files_in_group*innodb_buffer_pool_size) -innodb_log_file_size = 5M +innodb_log_file_size = 48M # this is the default, increase it if you have very large transactions going on innodb_log_buffer_size = 8M # this is the default and won't hurt you @@ -122,7 +115,7 @@ innodb_file_per_table # Uncomment this to get FEDERATED engine support #plugin-load=federated=ha_federated.so -#loose-federated +loose-federated [mysqldump] quick @@ -146,4 +139,3 @@ write_buffer_size = 2M [mysqlhotcopy] interactive-timeout - diff --git a/portage/make.conf b/portage/make.conf index 1f14208..88fda5a 100644 --- a/portage/make.conf +++ b/portage/make.conf @@ -64,6 +64,8 @@ PHP_TARGETS="php5-3 php5-5" PYTHON_TARGETS="python2_7 python3_3 python3_4" RUBY_TARGETS="ruby19" +CPU_FLAGS_X86="aes avx fma4 mmx mmxext popcnt sse sse2 sse3 sse4_1 sse4_2 sse4a ssse3 xop" + I_KNOW_WHAT_I_AM_DOING=yes # These are the USE flags that were used in addition to what is provided by the diff --git a/portage/savedconfig/sys-apps/busybox-1.23.0 b/portage/savedconfig/sys-apps/busybox-1.23.0-r1 similarity index 90% rename from portage/savedconfig/sys-apps/busybox-1.23.0 rename to portage/savedconfig/sys-apps/busybox-1.23.0-r1 index 48bed5f..fbf6a32 100644 --- a/portage/savedconfig/sys-apps/busybox-1.23.0 +++ b/portage/savedconfig/sys-apps/busybox-1.23.0-r1 @@ -1,7 +1,7 @@ # # Automatically generated make config: don't edit # Busybox version: 1.23.0 -# Wed Jan 21 21:36:00 2015 +# Mon Feb 2 16:38:09 2015 # CONFIG_HAVE_DOT_CONFIG=y @@ -13,7 +13,7 @@ CONFIG_HAVE_DOT_CONFIG=y # General Configuration # CONFIG_DESKTOP=y -# CONFIG_EXTRA_COMPAT is not set +CONFIG_EXTRA_COMPAT=y CONFIG_INCLUDE_SUSv2=y # CONFIG_USE_PORTABLE_CODE is not set CONFIG_PLATFORM_LINUX=y @@ -24,18 +24,18 @@ CONFIG_SHOW_USAGE=y CONFIG_FEATURE_VERBOSE_USAGE=y CONFIG_FEATURE_COMPRESS_USAGE=y CONFIG_FEATURE_INSTALLER=y -# CONFIG_INSTALL_NO_USR is not set +CONFIG_INSTALL_NO_USR=y # CONFIG_LOCALE_SUPPORT is not set CONFIG_UNICODE_SUPPORT=y # CONFIG_UNICODE_USING_LOCALE is not set # CONFIG_FEATURE_CHECK_UNICODE_IN_ENV is not set CONFIG_SUBST_WCHAR=63 CONFIG_LAST_SUPPORTED_WCHAR=767 -# CONFIG_UNICODE_COMBINING_WCHARS is not set -# CONFIG_UNICODE_WIDE_WCHARS is not set +CONFIG_UNICODE_COMBINING_WCHARS=y +CONFIG_UNICODE_WIDE_WCHARS=y # CONFIG_UNICODE_BIDI_SUPPORT is not set # CONFIG_UNICODE_NEUTRAL_TABLE is not set -# CONFIG_UNICODE_PRESERVE_BROKEN is not set +CONFIG_UNICODE_PRESERVE_BROKEN=y # CONFIG_PAM is not set CONFIG_FEATURE_USE_SENDFILE=y CONFIG_LONG_OPTS=y @@ -49,7 +49,7 @@ CONFIG_FEATURE_SUID=y # CONFIG_FEATURE_SUID_CONFIG is not set # CONFIG_FEATURE_SUID_CONFIG_QUIET is not set # CONFIG_SELINUX is not set -# CONFIG_FEATURE_PREFER_APPLETS is not set +CONFIG_FEATURE_PREFER_APPLETS=y CONFIG_BUSYBOX_EXEC_PATH="/proc/self/exe" CONFIG_FEATURE_SYSLOG=y # CONFIG_FEATURE_HAVE_RPC is not set @@ -75,7 +75,7 @@ CONFIG_EXTRA_LDLIBS="" # # CONFIG_DEBUG is not set # CONFIG_DEBUG_PESSIMIZE is not set -# CONFIG_UNIT_TEST is not set +CONFIG_UNIT_TEST=y # CONFIG_WERROR is not set CONFIG_NO_DEBUG_LIB=y # CONFIG_DMALLOC is not set @@ -102,21 +102,21 @@ CONFIG_PASSWORD_MINLEN=6 CONFIG_MD5_SMALL=1 CONFIG_SHA3_SMALL=1 CONFIG_FEATURE_FAST_TOP=y -# CONFIG_FEATURE_ETC_NETWORKS is not set +CONFIG_FEATURE_ETC_NETWORKS=y CONFIG_FEATURE_USE_TERMIOS=y CONFIG_FEATURE_EDITING=y CONFIG_FEATURE_EDITING_MAX_LEN=1024 -# CONFIG_FEATURE_EDITING_VI is not set +CONFIG_FEATURE_EDITING_VI=y CONFIG_FEATURE_EDITING_HISTORY=255 CONFIG_FEATURE_EDITING_SAVEHISTORY=y -# CONFIG_FEATURE_EDITING_SAVE_ON_EXIT is not set +CONFIG_FEATURE_EDITING_SAVE_ON_EXIT=y CONFIG_FEATURE_REVERSE_SEARCH=y CONFIG_FEATURE_TAB_COMPLETION=y -# CONFIG_FEATURE_USERNAME_COMPLETION is not set +CONFIG_FEATURE_USERNAME_COMPLETION=y CONFIG_FEATURE_EDITING_FANCY_PROMPT=y -# CONFIG_FEATURE_EDITING_ASK_TERMINAL is not set +CONFIG_FEATURE_EDITING_ASK_TERMINAL=y CONFIG_FEATURE_NON_POSIX_CP=y -# CONFIG_FEATURE_VERBOSE_CP_MESSAGE is not set +CONFIG_FEATURE_VERBOSE_CP_MESSAGE=y CONFIG_FEATURE_COPYBUF_KB=4 CONFIG_FEATURE_SKIP_ROOTFS=y # CONFIG_MONOTONIC_SYSCALL is not set @@ -134,15 +134,15 @@ CONFIG_FEATURE_SEAMLESS_XZ=y CONFIG_FEATURE_SEAMLESS_LZMA=y CONFIG_FEATURE_SEAMLESS_BZ2=y CONFIG_FEATURE_SEAMLESS_GZ=y -# CONFIG_FEATURE_SEAMLESS_Z is not set -# CONFIG_AR is not set -# CONFIG_FEATURE_AR_LONG_FILENAMES is not set -# CONFIG_FEATURE_AR_CREATE is not set -# CONFIG_UNCOMPRESS is not set +CONFIG_FEATURE_SEAMLESS_Z=y +CONFIG_AR=y +CONFIG_FEATURE_AR_LONG_FILENAMES=y +CONFIG_FEATURE_AR_CREATE=y +CONFIG_UNCOMPRESS=y CONFIG_GUNZIP=y CONFIG_BUNZIP2=y CONFIG_UNLZMA=y -# CONFIG_FEATURE_LZMA_FAST is not set +CONFIG_FEATURE_LZMA_FAST=y CONFIG_LZMA=y CONFIG_UNXZ=y CONFIG_XZ=y @@ -157,7 +157,7 @@ CONFIG_GZIP=y CONFIG_FEATURE_GZIP_LONG_OPTIONS=y CONFIG_GZIP_FAST=0 CONFIG_LZOP=y -# CONFIG_LZOP_COMPR_HIGH is not set +CONFIG_LZOP_COMPR_HIGH=y # CONFIG_RPM2CPIO is not set # CONFIG_RPM is not set CONFIG_TAR=y @@ -181,7 +181,7 @@ CONFIG_BASENAME=y CONFIG_CAT=y CONFIG_DATE=y CONFIG_FEATURE_DATE_ISOFMT=y -# CONFIG_FEATURE_DATE_NANO is not set +CONFIG_FEATURE_DATE_NANO=y CONFIG_FEATURE_DATE_COMPAT=y # CONFIG_HOSTID is not set CONFIG_ID=y @@ -386,11 +386,11 @@ CONFIG_PATCH=y CONFIG_SED=y CONFIG_VI=y CONFIG_FEATURE_VI_MAX_LEN=4096 -# CONFIG_FEATURE_VI_8BIT is not set +CONFIG_FEATURE_VI_8BIT=y CONFIG_FEATURE_VI_COLON=y CONFIG_FEATURE_VI_YANKMARK=y CONFIG_FEATURE_VI_SEARCH=y -# CONFIG_FEATURE_VI_REGEX_SEARCH is not set +CONFIG_FEATURE_VI_REGEX_SEARCH=y CONFIG_FEATURE_VI_USE_SIGNALS=y CONFIG_FEATURE_VI_DOT_CMD=y CONFIG_FEATURE_VI_READONLY=y @@ -453,7 +453,7 @@ CONFIG_HALT=y CONFIG_TELINIT_PATH="" CONFIG_INIT=y CONFIG_FEATURE_USE_INITTAB=y -# CONFIG_FEATURE_KILL_REMOVED is not set +CONFIG_FEATURE_KILL_REMOVED=y CONFIG_FEATURE_KILL_DELAY=0 CONFIG_FEATURE_INIT_SCTTY=y CONFIG_FEATURE_INIT_SYSLOG=y @@ -476,7 +476,7 @@ CONFIG_USE_BB_CRYPT=y CONFIG_USE_BB_CRYPT_SHA=y CONFIG_ADDUSER=y CONFIG_FEATURE_ADDUSER_LONG_OPTIONS=y -# CONFIG_FEATURE_CHECK_NAMES is not set +CONFIG_FEATURE_CHECK_NAMES=y CONFIG_LAST_ID=60000 CONFIG_FIRST_SYSTEM_ID=100 CONFIG_LAST_SYSTEM_ID=999 @@ -488,7 +488,7 @@ CONFIG_DELGROUP=y CONFIG_FEATURE_DEL_USER_FROM_GROUP=y CONFIG_GETTY=y CONFIG_LOGIN=y -# CONFIG_LOGIN_SESSION_AS_CHILD is not set +CONFIG_LOGIN_SESSION_AS_CHILD=y CONFIG_LOGIN_SCRIPTS=y CONFIG_FEATURE_NOLOGIN=y CONFIG_FEATURE_SECURETTY=y @@ -509,7 +509,7 @@ CONFIG_VLOCK=y CONFIG_CHATTR=y CONFIG_FSCK=y CONFIG_LSATTR=y -# CONFIG_TUNE2FS is not set +CONFIG_TUNE2FS=y # # Linux Module Utilities @@ -530,7 +530,7 @@ CONFIG_FEATURE_MODPROBE_SMALL_CHECK_ALREADY_LOADED=y # Options common to multiple modutils # # CONFIG_FEATURE_2_4_MODULES is not set -# CONFIG_FEATURE_INSMOD_TRY_MMAP is not set +CONFIG_FEATURE_INSMOD_TRY_MMAP=y # CONFIG_FEATURE_INSMOD_VERSION_CHECKING is not set # CONFIG_FEATURE_INSMOD_KSYMOOPS_SYMBOLS is not set # CONFIG_FEATURE_INSMOD_LOADINKMEM is not set @@ -558,7 +558,7 @@ CONFIG_REV=y CONFIG_ACPID=y CONFIG_FEATURE_ACPID_COMPAT=y CONFIG_BLKID=y -# CONFIG_FEATURE_BLKID_TYPE is not set +CONFIG_FEATURE_BLKID_TYPE=y CONFIG_DMESG=y CONFIG_FEATURE_DMESG_PRETTY=y CONFIG_FBSET=y @@ -569,11 +569,11 @@ CONFIG_FDFORMAT=y CONFIG_FDISK=y # CONFIG_FDISK_SUPPORT_LARGE_DISKS is not set CONFIG_FEATURE_FDISK_WRITABLE=y -# CONFIG_FEATURE_AIX_LABEL is not set -# CONFIG_FEATURE_SGI_LABEL is not set -# CONFIG_FEATURE_SUN_LABEL is not set -# CONFIG_FEATURE_OSF_LABEL is not set -# CONFIG_FEATURE_GPT_LABEL is not set +CONFIG_FEATURE_AIX_LABEL=y +CONFIG_FEATURE_SGI_LABEL=y +CONFIG_FEATURE_SUN_LABEL=y +CONFIG_FEATURE_OSF_LABEL=y +CONFIG_FEATURE_GPT_LABEL=y CONFIG_FEATURE_FDISK_ADVANCED=y CONFIG_FINDFS=y CONFIG_FLOCK=y @@ -582,7 +582,7 @@ CONFIG_FREERAMDISK=y CONFIG_MKFS_EXT2=y # CONFIG_MKFS_MINIX is not set # CONFIG_FEATURE_MINIX2 is not set -# CONFIG_MKFS_REISER is not set +CONFIG_MKFS_REISER=y CONFIG_MKFS_VFAT=y CONFIG_GETOPT=y CONFIG_FEATURE_GETOPT_LONG=y @@ -591,7 +591,7 @@ CONFIG_FEATURE_HEXDUMP_REVERSE=y CONFIG_HD=y CONFIG_HWCLOCK=y CONFIG_FEATURE_HWCLOCK_LONG_OPTIONS=y -# CONFIG_FEATURE_HWCLOCK_ADJTIME_FHS is not set +CONFIG_FEATURE_HWCLOCK_ADJTIME_FHS=y CONFIG_IPCRM=y CONFIG_IPCS=y CONFIG_LOSETUP=y @@ -603,7 +603,7 @@ CONFIG_MORE=y CONFIG_MOUNT=y CONFIG_FEATURE_MOUNT_FAKE=y CONFIG_FEATURE_MOUNT_VERBOSE=y -# CONFIG_FEATURE_MOUNT_HELPERS is not set +CONFIG_FEATURE_MOUNT_HELPERS=y CONFIG_FEATURE_MOUNT_LABEL=y # CONFIG_FEATURE_MOUNT_NFS is not set CONFIG_FEATURE_MOUNT_CIFS=y @@ -629,7 +629,7 @@ CONFIG_FEATURE_UMOUNT_ALL=y # CONFIG_FEATURE_MOUNT_LOOP=y CONFIG_FEATURE_MOUNT_LOOP_CREATE=y -# CONFIG_FEATURE_MTAB_SUPPORT is not set +CONFIG_FEATURE_MTAB_SUPPORT=y CONFIG_VOLUMEID=y # @@ -652,7 +652,7 @@ CONFIG_FEATURE_VOLUMEID_NTFS=y CONFIG_FEATURE_VOLUMEID_OCFS2=y CONFIG_FEATURE_VOLUMEID_REISERFS=y CONFIG_FEATURE_VOLUMEID_ROMFS=y -# CONFIG_FEATURE_VOLUMEID_SQUASHFS is not set +CONFIG_FEATURE_VOLUMEID_SQUASHFS=y CONFIG_FEATURE_VOLUMEID_SYSV=y CONFIG_FEATURE_VOLUMEID_UDF=y CONFIG_FEATURE_VOLUMEID_XFS=y @@ -689,14 +689,14 @@ CONFIG_UBIRSVOL=y CONFIG_UBIUPDATEVOL=y CONFIG_WALL=y CONFIG_ADJTIMEX=y -# CONFIG_BBCONFIG is not set -# CONFIG_FEATURE_COMPRESS_BBCONFIG is not set +CONFIG_BBCONFIG=y +CONFIG_FEATURE_COMPRESS_BBCONFIG=y # CONFIG_BEEP is not set CONFIG_FEATURE_BEEP_FREQ=0 CONFIG_FEATURE_BEEP_LENGTH_MS=0 CONFIG_CHAT=y CONFIG_FEATURE_CHAT_NOFAIL=y -# CONFIG_FEATURE_CHAT_TTY_HIFI is not set +CONFIG_FEATURE_CHAT_TTY_HIFI=y CONFIG_FEATURE_CHAT_IMPLICIT_CR=y CONFIG_FEATURE_CHAT_SWALLOW_OPTS=y CONFIG_FEATURE_CHAT_SEND_ESCAPES=y @@ -715,10 +715,10 @@ CONFIG_DEVMEM=y CONFIG_EJECT=y CONFIG_FEATURE_EJECT_SCSI=y # CONFIG_FBSPLASH is not set -# CONFIG_FLASHCP is not set -# CONFIG_FLASH_LOCK is not set -# CONFIG_FLASH_UNLOCK is not set -# CONFIG_FLASH_ERASEALL is not set +CONFIG_FLASHCP=y +CONFIG_FLASH_LOCK=y +CONFIG_FLASH_UNLOCK=y +CONFIG_FLASH_ERASEALL=y CONFIG_IONICE=y # CONFIG_INOTIFYD is not set CONFIG_LAST=y @@ -759,15 +759,15 @@ CONFIG_NBDCLIENT=y CONFIG_NC=y CONFIG_NC_SERVER=y CONFIG_NC_EXTRA=y -# CONFIG_NC_110_COMPAT is not set +CONFIG_NC_110_COMPAT=y CONFIG_PING=y CONFIG_PING6=y CONFIG_FEATURE_FANCY_PING=y CONFIG_WHOIS=y CONFIG_FEATURE_IPV6=y -# CONFIG_FEATURE_UNIX_LOCAL is not set +CONFIG_FEATURE_UNIX_LOCAL=y CONFIG_FEATURE_PREFER_IPV4_ADDRESS=y -# CONFIG_VERBOSE_RESOLUTION_ERRORS is not set +CONFIG_VERBOSE_RESOLUTION_ERRORS=y CONFIG_ARP=y CONFIG_ARPING=y CONFIG_BRCTL=y @@ -812,7 +812,7 @@ CONFIG_FEATURE_IFUPDOWN_IP_BUILTIN=y CONFIG_FEATURE_IFUPDOWN_IPV4=y CONFIG_FEATURE_IFUPDOWN_IPV6=y CONFIG_FEATURE_IFUPDOWN_MAPPING=y -# CONFIG_FEATURE_IFUPDOWN_EXTERNAL_DHCP is not set +CONFIG_FEATURE_IFUPDOWN_EXTERNAL_DHCP=y # CONFIG_INETD is not set # CONFIG_FEATURE_INETD_SUPPORT_BUILTIN_ECHO is not set # CONFIG_FEATURE_INETD_SUPPORT_BUILTIN_DISCARD is not set @@ -827,7 +827,7 @@ CONFIG_FEATURE_IP_ROUTE=y CONFIG_FEATURE_IP_TUNNEL=y CONFIG_FEATURE_IP_RULE=y CONFIG_FEATURE_IP_SHORT_FORMS=y -# CONFIG_FEATURE_IP_RARE_PROTOCOLS is not set +CONFIG_FEATURE_IP_RARE_PROTOCOLS=y CONFIG_IPADDR=y CONFIG_IPLINK=y CONFIG_IPROUTE=y @@ -867,21 +867,21 @@ CONFIG_FEATURE_TFTP_PROGRESS_BAR=y CONFIG_TRACEROUTE=y CONFIG_TRACEROUTE6=y CONFIG_FEATURE_TRACEROUTE_VERBOSE=y -# CONFIG_FEATURE_TRACEROUTE_SOURCE_ROUTE is not set -# CONFIG_FEATURE_TRACEROUTE_USE_ICMP is not set +CONFIG_FEATURE_TRACEROUTE_SOURCE_ROUTE=y +CONFIG_FEATURE_TRACEROUTE_USE_ICMP=y CONFIG_TUNCTL=y CONFIG_FEATURE_TUNCTL_UG=y -# CONFIG_UDHCPC6 is not set +CONFIG_UDHCPC6=y CONFIG_UDHCPD=y CONFIG_DHCPRELAY=y CONFIG_DUMPLEASES=y CONFIG_FEATURE_UDHCPD_WRITE_LEASES_EARLY=y -# CONFIG_FEATURE_UDHCPD_BASE_IP_ON_MAC is not set +CONFIG_FEATURE_UDHCPD_BASE_IP_ON_MAC=y CONFIG_DHCPD_LEASES_FILE="/var/lib/misc/udhcpd.leases" CONFIG_UDHCPC=y CONFIG_FEATURE_UDHCPC_ARPING=y CONFIG_FEATURE_UDHCPC_SANITIZEOPT=y -# CONFIG_FEATURE_UDHCP_PORT is not set +CONFIG_FEATURE_UDHCP_PORT=y CONFIG_UDHCP_DEBUG=9 CONFIG_FEATURE_UDHCP_RFC3397=y CONFIG_FEATURE_UDHCP_8021Q=y @@ -951,7 +951,7 @@ CONFIG_PS=y # CONFIG_FEATURE_PS_LONG is not set CONFIG_FEATURE_PS_TIME=y CONFIG_FEATURE_PS_ADDITIONAL_COLUMNS=y -# CONFIG_FEATURE_PS_UNUSUAL_SYSTEMS is not set +CONFIG_FEATURE_PS_UNUSUAL_SYSTEMS=y CONFIG_RENICE=y CONFIG_BB_SYSCTL=y CONFIG_FEATURE_SHOW_THREADS=y @@ -1032,8 +1032,8 @@ CONFIG_FEATURE_BASH_IS_NONE=y CONFIG_SH_MATH_SUPPORT=y CONFIG_SH_MATH_SUPPORT_64=y CONFIG_FEATURE_SH_EXTRA_QUIET=y -# CONFIG_FEATURE_SH_STANDALONE is not set -# CONFIG_FEATURE_SH_NOFORK is not set +CONFIG_FEATURE_SH_STANDALONE=y +CONFIG_FEATURE_SH_NOFORK=y CONFIG_FEATURE_SH_HISTFILESIZE=y # diff --git a/ulogd.conf b/ulogd.conf index b68bed8..1fee90a 100644 --- a/ulogd.conf +++ b/ulogd.conf @@ -49,6 +49,7 @@ plugin="/usr/lib64/ulogd/ulogd_output_GPRINT.so" plugin="/usr/lib64/ulogd/ulogd_raw2packet_BASE.so" plugin="/usr/lib64/ulogd/ulogd_inpflow_NFACCT.so" plugin="/usr/lib64/ulogd/ulogd_output_GRAPHITE.so" +#plugin="/usr/lib64/ulogd/ulogd_output_JSON.so" # this is a stack for logging packet send by system via LOGEMU stack=log1:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU @@ -92,6 +93,9 @@ stack=ulog1:ULOG,base1:BASE,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU # this is a stack for logging packet to PGsql after a collect via NFLOG #stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,mac2str1:HWHDR,pgsql1:PGSQL +# this is a stack for logging packet to JSON formatted file after a collect via NFLOG +#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,mac2str1:HWHDR,json1:JSON + # this is a stack for logging packets to syslog after a collect via NFLOG #stack=log3:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,sys1:SYSLOG @@ -195,6 +199,17 @@ timestamp=1 directory="/var/log/ulogd/" sync=1 +[json1] +sync=1 +#file="/var/log/ulogd/ulogd.json" +#timestamp=0 +# device name to be used in JSON message +#device="My awesome Netfilter firewall" +# If boolean_label is set to 1 then the numeric_label put on packet +# by the input plugin is coding the action on packet: if 0, then +# packet has been blocked and if non null it has been accepted. +#boolean_label=1 + [pcap1] #default file is /var/log/ulogd/ulogd.pcap #file="/var/log/ulogd/ulogd.pcap" -- 2.39.5