ulogd.conf

NAME

ulogd.conf − ulogd configuration file

SYNOPSIS

/etc/ulogd.conf

DESCRIPTION

This configuration file enables you to set different parameters for the ulogd server command (see ulogd(8)).

Valid entries are:

port port

set the listening port (tcp). The default port number is tcp/3209. Port names in /etc/services are allowed.

broadcast-port port

set the local port for broadcasts. Defaults to 0 (let the system choose).

loglevel level

set the logging level. Level is ‘normal’ (default), ‘verbose’ or ‘debug’.

logmode mode

set the logging mode. Mode is ‘syslog’ (default) or ‘file’.

logfile file

set the logging file. Defaults to /var/log/ulogd.

pidfile file

set the file to which ulogd’s pid is written. Defaults to /var/run/ulogd.pid.

statefile file

set the file in which a snapshot of the current state is kept. Defaults to /var/lib/ulogd/state.log.

historyfile file

set the file in which the log of events is kept. Defaults to /var/lib/ulogd/history.log.

user user

set the effective user under which ulogd will run if it is initially run as root.

group group

set the effective group under which ulogd will run if it is initially run as root.

ident mode

turns on/off ident lookups. Defaults to ‘off’.

broadcast mode

turns on/off broadcasting (for follow mode). Defaults to ‘on’.

ACCESS CONFIGURATION

The access scheme is based on several access rules. An access rule is composed of a keyword describing the action to take (‘allow’ or ‘deny’) and a user-host pattern. Rules are processed in order, the latest one being the strongest one (they go from the most general one to the least general one). After stepping through all the rules, access is granted if there was no ‘deny’ rule matching the user-host couple since the last ‘allow’ rule matching it. Everything that is not explicitly allowed results in refused access.

A user-host couple is first checked against the rules using the unresolved host address, and then with the resolved address if none of the rules allowed and/or denied access already. Wildcards can be used in a shell-like way (i.e. the ‘*’, ‘?’, ‘[’, ‘]’, ‘-’ and ‘\’ characters have the usual special meaning). Users are separated from hosts by the usual ‘@’ sign. If no ‘@’ sign is provided, then the rule is assumed to be reduced to a host address pattern and matches ALL connections from hosts that match this pattern; it is thus equivalent to the patterns ‘*@host’ AND ‘@host’ (see below).

If remote user authentication cannot be performed (e.g. if the remote host is not running identd or ident lookups are disabled), the user part of the couple is empty, that is, it matches the pattern ‘@host’. Beware: for security reasons, patterns such as ‘*@host’ do NOT match ‘@host’.

In the same way, hosts whose names can’t be resolved are given an empty hostname, thus matching ‘user@’. Here again, patterns such as ‘user@*’ do NOT match ‘user@’ (but more likely the unresolved ip ;-)). Hence, the ‘*’ pattern allows connection of any user from any host.
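
The evaluation order described above, modelled as an added example (not ulogd's own code) so a rule set can be checked before it is deployed. The rule list, host names and addresses are constructed sample values, the function names are hypothetical, and the ‘\’ escape is left out because Python's fnmatch does not implement it.

```python
from fnmatch import fnmatchcase

# Constructed rule set (patterns and hosts are sample values), in file order.
RULES = [
    ("allow", "*.example.org"),        # no '@': any user, identified or not
    ("deny", "guest@*.example.org"),
    ("allow", "admin@192.0.2.*"),
    ("allow", "*@198.51.100.7"),       # identified users only
]

def part_matches(pattern, value):
    # An empty user or host is matched only by an empty pattern, so
    # '*@host' does not match '@host' and 'user@*' does not match 'user@'.
    if pattern == "" or value == "":
        return pattern == value
    # fnmatchcase handles '*', '?' and '[a-z]'; it has no '\' escape,
    # so this model leaves backslash quoting out.
    return fnmatchcase(value, pattern)

def rule_matches(pattern, user, host):
    if "@" not in pattern:
        # Host-only rule: stands for both '*@host' and '@host'.
        return part_matches(pattern, host)
    user_pat, host_pat = pattern.split("@", 1)
    return part_matches(user_pat, user) and part_matches(host_pat, host)

def verdict(rules, user, host):
    # The last matching rule decides; None means no rule matched.
    result = None
    for action, pattern in rules:
        if rule_matches(pattern, user, host):
            result = action
    return result

def access_granted(rules, user, address, hostname):
    # Pass 1 uses the unresolved address. The resolved name is consulted
    # only if no rule allowed or denied the address form.
    decision = verdict(rules, user, address)
    if decision is None:
        decision = verdict(rules, user, hostname)
    return decision == "allow"   # no match at all means refused

if __name__ == "__main__":
    for user, addr, name in [("alice", "203.0.113.5", "ws1.example.org"),
                             ("guest", "203.0.113.5", "ws1.example.org"),
                             ("", "198.51.100.7", "")]:
        print(repr(user), addr, name or "-", access_granted(RULES, user, addr, name))
```

Because the address form is evaluated first, a ‘deny’ written only against a host name is never reached for a client whose address already matched an ‘allow’ rule; in this model guest from 198.51.100.7 is admitted even when that address resolves into example.org.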

FILES

/etc/ulogd.conf

system configuration file.

SEE ALSO

ulogd(8), ulog(1), ulog.conf(5).

AUTHOR

Hervé Eychenne <rv@fr.alcove.com>