[Bug 1218] New: ULOGD PCAP Plugin Missing Ethernet Headers
bugzilla-daemon at netfilter.org
bugzilla-daemon at netfilter.org
Sat Jan 27 10:53:42 CET 2018
https://bugzilla.netfilter.org/show_bug.cgi?id=1218
Bug ID: 1218
Summary: ULOGD PCAP Plugin Missing Ethernet Headers
Product: ulogd
Version: SVN (please provide timestamp)
Hardware: All
OS: All
Status: NEW
Severity: blocker
Priority: P5
Component: ulogd
Assignee: netfilter-buglog at lists.netfilter.org
Reporter: djcanadianjeff at gmail.com
With these settings the pcap file is created but missing headers so can not use
with wireshark?
[global]
logfile="/var/log/ulogd.log"
loglevel=5
rmem=131071
bufsize=150000
plugin="/usr/lib/ulogd/ulogd_inppkt_NFLOG.so"
#plugin="/usr/lib/ulogd/ulogd_inpflow_NFCT.so"
plugin="/usr/lib/ulogd/ulogd_filter_IFINDEX.so"
plugin="/usr/lib/ulogd/ulogd_filter_IP2STR.so"
plugin="/usr/lib/ulogd/ulogd_filter_IP2BIN.so"
plugin="/usr/lib/ulogd/ulogd_filter_IP2HBIN.so"
plugin="/usr/lib/ulogd/ulogd_filter_PRINTPKT.so"
plugin="/usr/lib/ulogd/ulogd_filter_HWHDR.so"
plugin="/usr/lib/ulogd/ulogd_filter_PRINTFLOW.so"
plugin="/usr/lib/ulogd/ulogd_filter_MARK.so"
plugin="/usr/lib/ulogd/ulogd_output_LOGEMU.so"
plugin="/usr/lib/ulogd/ulogd_output_SYSLOG.so"
plugin="/usr/lib/ulogd/ulogd_output_SQLITE3.so"
plugin="/usr/lib/ulogd/ulogd_output_PCAP.so"
#plugin="/usr/lib/ulogd/ulogd_output_MYSQL.so"
plugin="/usr/lib/ulogd/ulogd_raw2packet_BASE.so"
plugin="/usr/lib/ulogd/ulogd_output_JSON.so"
stack=log1:NFLOG,base1:BASE,pcap1:PCAP
[log1]
group=0
netlink_socket_buffer_size=217088
netlink_socket_buffer_maxsize=1085440
#netlink_qthreshold=1
#netlink_qtimeout=100
[pcap1]
file="/var/log/ulogd.pcap"
sync=1
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20180127/c37e0c41/attachment.html>
More information about the netfilter-buglog
mailing list