New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add new rich rule target nflog, that allows to capture packages with ulogd #587
Comments
Implement nflog target for rich rules. Also add log rule errors and checks for attributes group, prefix, and queue-size. Closes: firewalld#259 - ulog is deprecated Fixes: firewalld#587
Implement nflog target for rich rules. Also add log rule errors and checks for attributes group, prefix, and queue-size. Closes: firewalld#259 - ulog is deprecated Fixes: firewalld#587
Implement nflog target for rich rules. Also add log rule errors and checks for attributes group, prefix, and queue-size. Closes: firewalld#259 - ulog is deprecated Fixes: firewalld#587
Implement nflog target for rich rules, checkUINT16 function, and log attribute errors/checks for group, prefix, and queue-size. Closes: firewalld#259 - ulog is deprecated Fixes: firewalld#587
Implement nflog target for rich rules, checkUINT16 function and log attribute errors/checks for group, prefix, and queue-size. Closes: firewalld#259 - ulog is deprecated Fixes: firewalld#587
Implement nflog target for rich rules, checkUINT16 function and log attribute errors/checks for group, prefix, and queue-size. Fixes: firewalld#587
Implement nflog target for rich rules, checkUINT16 function and log attribute errors/checks for group, prefix, and queue-size. Fixes: #587
Great you implemented this feature. Many thanks.
For a zone i got a plain
Then inspect how this rule is setup in
I already had figured that |
@gsgxnet, check the man page
|
After a brief discussion with Eric Garver on the mailing list, he recommended to create this issue.
In order to be able to examine eg. discarded packages, we need some way to redirect these packages to another target, that allows further processing eg. with
ulogd
.What's needed is a new target for rich rules, that allows to use a low precedence catch-all rich rule in order to be executed right before the accept/drop for the zone. e.g.
The text was updated successfully, but these errors were encountered: