27 files changed, 543 insertions, 0 deletions
diff --git a/Makefile.am b/Makefile.am index 94c39d5..58d9f17 100644 --- a/Makefile.am +++ b/Makefile.am @@ -1,12 +1,21 @@ cfgdir = $(datadir)/vyatta-cfg/templates opdir = $(datadir)/vyatta-op/templates +share_perl5dir = $(datarootdir)/perl5/Vyatta/Conntrack curverdir = $(sysconfdir)/config-migrate/current modprobedir = /etc/modprobe.d +vprefix = /opt/vyatta +vsbindir = $(vprefix)/sbin + +vsbin_PROGRAMS = src/vyatta-conntrack-logging +vyatta_conntrack_logging_SOURCES = vyatta-conntrack-logging.c + checkparamsonrebootdir = $(bindir)/sudo-users/check-params-on-reboot.d checkparamsonreboot_SCRIPTS = checkparamsonreboot_SCRIPTS += scripts/check-params-on-reboot.d/conntrack-hash-size +share_perl5_DATA = lib/Vyatta/Conntrack/Config.pm +sbin_SCRIPTS = scripts/vyatta-update-conntrack-log.pl bin_sudo_usersdir = $(bindir)/sudo-users bin_sudo_users_SCRIPTS = scripts/vyatta-show-conntrack.pl bin_sudo_users_SCRIPTS += scripts/vyatta-delete-conntrack.pl diff --git a/lib/Vyatta/Conntrack/Config.pm b/lib/Vyatta/Conntrack/Config.pm new file mode 100644 index 0000000..2104681 --- /dev/null +++ b/lib/Vyatta/Conntrack/Config.pm 
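Review bot: `vyatta_conntrack_logging_SOURCES` does not look like the variable automake derives for the program declared on the line above it. For `vsbin_PROGRAMS = src/vyatta-conntrack-logging` the canonical name includes the directory, so the line would be `src_vyatta_conntrack_logging_SOURCES = src/vyatta-conntrack-logging.c`. As written the build presumably falls back to the default source name, which happens to be the right file, and the listed path (without `src/`) is never used. Separately, the update script is installed through `sbin_SCRIPTS` while the template added in this commit invokes it as `/opt/vyatta/sbin/vyatta-update-conntrack-log.pl`, so the two agree only when `sbindir` resolves to that directory; a one-line comment saying so would help.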
@@ -0,0 +1,177 @@
+package Vyatta::Conntrack::Config;
+
+use strict;
+use warnings;
+
+use lib "/opt/vyatta/share/perl5";
+use Vyatta::Config;
+use Vyatta::TypeChecker;
+use NetAddr::IP;
+
+my %fields = (
+ _udp_new => undef,
+ _udp_update => undef,
+ _udp_destroy => undef,
+ _tcp_new => undef,
+ _tcp_srec => undef,
+ _tcp_est => undef,
+ _tcp_fwait => undef,
+ _tcp_cwait => undef,
+ _tcp_lack => undef,
+ _tcp_twait => undef,
+ _tcp_destroy => undef,
+ _icmp_new => undef,
+ _icmp_update => undef,
+ _icmp_destroy => undef,
+ _other_new => undef,
+ _other_update => undef,
+ _other_destroy => undef,
+ _is_empty => 1,
+);
+
+my $pidfile = '/var/run/vyatta/connlogd.lock';
+my $level = 'system conntrack log';
+
+sub new {
+ my $that = shift;
+ my $class = ref ($that) || $that;
+ my $self = {
+ %fields,
+ };
+
+ bless $self, $class;
+ return $self;
+}
+
+sub setup {
+ my $self = shift;
+ my $config = new Vyatta::Config;
+
+ $config->setLevel("$level");
+ my @nodes = $config->listNodes();
+ if (scalar(@nodes) <= 0) {
+ $self->{_is_empty} = 1;
+ return 0;
+ } else {
+ $self->{_is_empty} = 0;
+ }
+ if ( $config->exists('udp new') ) { $self->{_udp_new} = 1; }
+ if ( $config->exists('udp update') ) { $self->{_udp_update} = 1; }
+ if ( $config->exists('udp destroy') ) { $self->{_udp_destroy} = 1; }
+ if ( $config->exists('icmp new') ) { $self->{_icmp_new} = 1; }
+ if ( $config->exists('icmp update') ) { $self->{_icmp_update} = 1; }
+ if ( $config->exists('icmp destroy') ) { $self->{_icmp_destroy} = 1; }
+ if ( $config->exists('other new') ) { $self->{_other_new} = 1; }
+ if ( $config->exists('other update') ) { $self->{_other_update} = 1; }
+ if ( $config->exists('other destroy') ) { $self->{_other_destroy} = 1; }
+ if ( $config->exists('tcp new') ) { $self->{_tcp_new} = 1; }
+ if ( $config->exists('tcp update syn-received') ) { $self->{_tcp_srec} = 1; }
+ if ( $config->exists('tcp update established') ) { $self->{_tcp_est} = 1; }
+ if ( $config->exists('tcp update fin-wait') ) { $self->{_tcp_fwait} = 1; }
+ if ( $config->exists('tcp update close-wait') ) { $self->{_tcp_cwait} = 1; }
+ if ( $config->exists('tcp update last-ack') ) { $self->{_tcp_lack} = 1; }
+ if ( $config->exists('tcp update time-wait') ) { $self->{_tcp_twait} = 1; }
+ if ( $config->exists('tcp destroy') ) { $self->{_tcp_destroy} = 1; }
+}
+
+sub setupOrig {
+ my $self = shift;
+ my $config = new Vyatta::Config;
+
+ $config->setLevel("$level");
+ my @nodes = $config->listOrigNodes();
+ if (scalar(@nodes) <= 0) {
+ $self->{_is_empty} = 1;
+ return 0;
+ } else {
+ $self->{_is_empty} = 0;
+ }
+ if ( $config->existsOrig('udp new') ) { $self->{_udp_new} = 1; }
+ if ( $config->existsOrig('udp update') ) { $self->{_udp_update} = 1; }
+ if ( $config->existsOrig('udp destroy') ) { $self->{_udp_destroy} = 1; }
+ if ( $config->existsOrig('icmp new') ) { $self->{_icmp_new} = 1; }
+ if ( $config->existsOrig('icmp update') ) { $self->{_icmp_update} = 1; }
+ if ( $config->existsOrig('icmp destroy') ) { $self->{_icmp_destroy} = 1; }
+ if ( $config->existsOrig('other new') ) { $self->{_other_new} = 1; }
+ if ( $config->existsOrig('other update') ) { $self->{_other_update} = 1; }
+ if ( $config->existsOrig('other destroy') ) { $self->{_other_destroy} = 1; }
+ if ( $config->existsOrig('tcp new') ) { $self->{_tcp_new} = 1; }
+ if ( $config->existsOrig('tcp update syn-received') ) { $self->{_tcp_srec} = 1; }
+ if ( $config->existsOrig('tcp update established') ) { $self->{_tcp_est} = 1; }
+ if ( $config->existsOrig('tcp update fin-wait') ) { $self->{_tcp_fwait} = 1; }
+ if ( $config->existsOrig('tcp update close-wait') ) { $self->{_tcp_cwait} = 1; }
+ if ( $config->existsOrig('tcp update last-ack') ) { $self->{_tcp_lack} = 1; }
+ if ( $config->existsOrig('tcp update time-wait') ) { $self->{_tcp_twait} = 1; }
+ if ( $config->existsOrig('tcp destroy') ) { $self->{_tcp_destroy} = 1; }
+}
+
+sub isEmpty {
+ my ($self) = @_;
+ return $self->{_is_empty};
+}
+
+sub isDifferentFrom {
+ my ($this, $that) = @_;
+ no warnings qw(uninitialized);
+ return 1 if ($this->{_udp_new} ne $that->{_udp_new});
+ return 1 if ($this->{_udp_update} ne $that->{_udp_update});
+ return 1 if ($this->{_udp_destroy} ne $that->{_udp_destroy});
+ return 1 if ($this->{_tcp_new} ne $that->{_tcp_new});
+ return 1 if ($this->{_tcp_srec} ne $that->{_tcp_srec});
+ return 1 if ($this->{_tcp_est} ne $that->{_tcp_est});
+ return 1 if ($this->{_tcp_fwait} ne $that->{_tcp_fwait});
+ return 1 if ($this->{_tcp_cwait} ne $that->{_tcp_cwait});
+ return 1 if ($this->{_tcp_twait} ne $that->{_tcp_twait});
+ return 1 if ($this->{_tcp_lack} ne $that->{_tcp_lack});
+ return 1 if ($this->{_tcp_destroy} ne $that->{_tcp_destroy});
+ return 1 if ($this->{_icmp_new} ne $that->{_icmp_new});
+ return 1 if ($this->{_icmp_update} ne $that->{_icmp_update});
+ return 1 if ($this->{_icmp_destroy} ne $that->{_icmp_destroy});
+ return 1 if ($this->{_other_new} ne $that->{_other_new});
+ return 1 if ($this->{_other_update} ne $that->{_other_update});
+ return 1 if ($this->{_other_destroy} ne $that->{_other_destroy});
+}
+
+
+sub get_command {
+ my ($self) = @_;
+ my $cmd = "/opt/vyatta/sbin/vyatta-conntrack-logging";
+
+ if( $self->{_udp_new} ) { $cmd .= " -p udp -e NEW"; }
+ if( $self->{_udp_update} ) { $cmd .= " -p udp -e UPDATES"; }
+ if( $self->{_udp_destroy} ) { $cmd .= " -p udp -e DESTROY"; }
+ if( $self->{_icmp_new} ) { $cmd .= " -p icmp -e NEW"; }
+ if( $self->{_icmp_update} ) { $cmd .= " -p icmp -e UPDATES"; }
+ if( $self->{_icmp_destroy} ) { $cmd .= " -p icmp -e DESTROY"; }
+ if( $self->{_other_new} ) { $cmd .= " -p other p -e NEW"; }
+ if( $self->{_other_update} ) { $cmd .= " -p other -e UPDATES"; }
+ if( $self->{_other_destroy} ) { $cmd .= " -p other -e DESTROY"; }
+ if( $self->{_tcp_new} ) { $cmd .= " -p tcp -e NEW"; }
+ if( $self->{_tcp_srec} ) { $cmd .= " -p tcp -e UPDATES -s SYN_RECV"; }
+ if( $self->{_tcp_est} ) { $cmd .= " -p tcp -e UPDATES -s ESTABLISHED"; }
+ if( $self->{_tcp_fwait} ) { $cmd .= " -p tcp -e UPDATES -s FIN_WAIT"; }
+ if( $self->{_tcp_cwait} ) { $cmd .= " -p tcp -e UPDATES -s CLOSE_WAIT"; }
+ if( $self->{_tcp_twait} ) { $cmd .= " -p tcp -e UPDATES -s TIME_WAIT"; }
+ if( $self->{_tcp_lack} ) { $cmd .= " -p tcp -e UPDATES -s LAST_ACK"; }
+ if( $self->{_tcp_destroy} ) { $cmd .= " -p tcp -e DESTROY"; }
+ return ($cmd);
+}
+
+sub kill_daemon {
+ my $pid;
+ $pid = "cat $pidfile";
+
+ system("$pid >&/dev/null");
+ if ($? >> 8) {
+ # daemon not running
+ return;
+ }
+
+ # kill daemon and its child processes
+ system("kill -HUP -`$pid` >&/dev/null");
+ if ($? >> 8) {
+ print STDERR "Conntrack Logging: Failed to stop daemon.\n";
+ exit 1;
+ }
+ return;
+}
diff --git a/scripts/vyatta-update-conntrack-log.pl b/scripts/vyatta-update-conntrack-log.pl
new file mode 100644
index 0000000..09ee0a5
--- /dev/null
+++ b/scripts/vyatta-update-conntrack-log.pl
@@ -0,0 +1,46 @@
+#!/usr/bin/perl
+
+use strict;
+use lib "/opt/vyatta/share/perl5";
+use Vyatta::Conntrack::Config;
+
+my $pfile = '/var/run/vyatta/connlogd.lock';
+my $lfile = '/var/run/vyatta/connlogd.log';
+
+my $config = new Vyatta::Conntrack::Config;
+my $oconfig = new Vyatta::Conntrack::Config;
+$config->setup();
+$oconfig->setupOrig();
+
+if (!($config->isDifferentFrom($oconfig))) {
+ if ($config->isEmpty()) {
+ print STDERR "Empty Configuration\n";
+ exit 1;
+ }
+ # config not changed. do nothing.
+ exit 0;
+}
+
+if ($config->isEmpty()) {
+ # delete the daemon process
+ Vyatta::Conntrack::Config::kill_daemon();
+ # delete the .lock and .log file getting generated
+ `rm -f $pfile`;
+ `rm -f $lfile`;
+ exit 0;
+}
+
+my $cmd = $config->get_command();
+if ($cmd) {
+ # First stop the daemon and restart with config
+ Vyatta::Conntrack::Config::kill_daemon();
+ `rm -f $pfile`;
+ `rm -f $lfile`;
+ system("$cmd");
+ if ($? >> 8) {
+ print STDERR "Failed to start conntrack logging daemon";
+ exit 1;
+ }
+}
+
+exit 0;
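Review bot: `kill_daemon` in lib/Vyatta/Conntrack/Config.pm lets the contents of `/var/run/vyatta/connlogd.lock` become the process-group argument of a shell `kill -HUP`, by substituting the output of `cat $pidfile` into the command line, and the template in this commit runs the caller under sudo. An empty, stale or non-numeric lock file therefore either makes the kill fail or signals a group that is not the logging daemon. Reading the file in Perl, accepting digits only and using the built-in `kill` removes the shell from the path, and with it the `>&` redirection, which `system` may hand to a `/bin/sh` that does not understand it. In the same file, `get_command` emits `" -p other p -e NEW"` with a stray `p`; it should read `" -p other -e NEW"`.

```perl
sub kill_daemon {
    # Read the pid in Perl and accept digits only; nothing from the file reaches a shell.
    open(my $fh, '<', $pidfile) or return;    # no lock file: daemon not running
    my $line = <$fh>;
    close($fh);
    return unless defined($line) && $line =~ /\A(\d+)\s*\z/ && $1 > 1;
    my $pgid = $1;

    # kill daemon and its child processes (a negative pid addresses the process group)
    if (!kill('HUP', -$pgid)) {
        # … unchanged: "Failed to stop daemon" message and exit 1 …
    }
    return;
}
```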
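Review bot: The `$? >> 8` test after `system("$cmd")` in scripts/vyatta-update-conntrack-log.pl cannot see failures that happen after the daemon forks, because `daemonize()` in the C program added by this commit makes the parent exit 0 at once and the lock-contention path also exits 0. A commit can therefore report success while no logger is running; checking after the call that the lock file exists and names a live process would close that gap. The `rm -f` backticks can be replaced by `unlink($pfile, $lfile);`, and the script has `use strict;` but no `use warnings;`. The "Failed to start" message also lacks the trailing newline that the other messages have.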
diff --git a/src/vyatta-conntrack-logging.c b/src/vyatta-conntrack-logging.c
new file mode 100644
index 0000000..27f426b
--- /dev/null
+++ b/src/vyatta-conntrack-logging.c
@@ -0,0 +1,254 @@
+/*
+UNIX Daemon Server program for monitoring conntrack logging
+processes.
+Usage: ./vyatta-conntrack-logging
+ -p <proto-name> -e <events> [-s <proto-state>]
+*/
+
+#include <stdio.h>
+#include <fcntl.h>
+#include <signal.h>
+#include <unistd.h>
+#include <sys/types.h>
+#include <sys/wait.h>
+#include <error.h>
+#include <syslog.h>
+
+
+#define RUNNING_DIR "/var/run/vyatta"
+#define LOCK_FILE "connlogd.lock"
+#define MAX_PROCESS 17
+
+// Global variables
+pid_t pids[MAX_PROCESS];
+char *cmds[MAX_PROCESS];
+long int nbuffer[MAX_PROCESS];
+int pcounter=0;
+long int netlink_buffer_size = 2097152;
+long int netlink_buffer_maxsize= 8388608;
+
+// Initialise the nbuffer to 2MB
+void init_nbuffer()
+{
+ int i;
+ for (i=0;i<MAX_PROCESS;i++) {
+ nbuffer[i]=netlink_buffer_size;
+ }
+ return;
+}
+
+// Function to write to syslog
+
+void sys_logger(char *message)
+{
+ openlog("log-conntrack", "LOG_PID", LOG_USER);
+ syslog(LOG_INFO, message);
+ closelog();
+}
+
+//Signal handler for SIGHUP and SIGTERM
+void signal_handler(sig)
+{
+ switch(sig) {
+ case SIGHUP:
+ sys_logger("Stopping conntrack logging daemon");
+ int i;
+ for(i=0;i<pcounter;i++) {
+ kill(pids[i], SIGKILL);
+ }
+ exit(0);
+ break;
+ case SIGTERM:
+ exit(0);
+ break;
+ }
+}
+
+//Create child process to start conntrack logger
+void start_child(char *cmd, int index)
+{
+ pid_t pid;
+ int west;
+ int ret;
+
+ pid=fork();
+ if (pid<0) {
+ perror("Conntrack logging error:");
+ exit(1); /* fork error */
+ }
+ if (pid==0) {
+ pids[index]=getpid();
+ ret=system(cmd);
+ if (WIFSIGNALED(ret) &&
+ (WTERMSIG(ret) == SIGINT || WTERMSIG(ret) == SIGQUIT)) {
+ exit(0);
+ }
+ else {
+ exit(0);
+ }
+ }
+ else {
+ pids[index]=pid;
+ }
+}
+
+//Daemonize the process to run in the background
+void daemonize()
+{
+ int p,i,fptr;
+ char str[10];
+
+ p=fork();
+ if (p<0) {
+ perror("Conntrack logging error:");
+ exit(1);
+ }
+ if (p>0) {
+ exit(0);
+ }
+ /* child (daemon) continues */
+ setsid();
+ for (i=getdtablesize();i>=0;--i)
+ close(i);
+ i=open("/dev/null",O_RDWR); dup(i); dup(i);
+ umask(027);
+ chdir(RUNNING_DIR);
+ fptr=open(LOCK_FILE,O_RDWR|O_CREAT,0640);
+ if (fptr<0)
+ exit(1);
+ if (lockf(fptr,F_TLOCK,0)<0)
+ exit(0);
+ sprintf(str,"%d\n",getpid());
+ write(fptr,str,strlen(str));
+
+ signal(SIGHUP,signal_handler);
+ signal(SIGTERM,signal_handler);
+}
+
+int main(int argc, char *argv[])
+{
+ FILE *logfile;
+ int other=0;
+ int i, pid;
+ char *conn="conntrack -E";
+ char *logger="logger -t log-conntrack -p daemon.notice";
+ char *fother="grep -vE 'tcp|udp|icmp'";
+ char cmd[1024];
+ char cmd_to_run[1024];
+ int length = 0;
+ char * temp_cmd = cmd;
+
+ for (i=1; i<argc; i++) {
+ switch(argv[i][1]) {
+ case 'p':
+ if (i+1 < argc && argv[i+1][0] != '-') {
+ if (strncmp(argv[i+1], "other",
+ strlen(argv[i+1])) == 0) {
+ other=1;
+ snprintf(cmd, sizeof (cmd), "%s", conn);
+ length = strlen (cmd);
+ temp_cmd = cmd + length;
+ i++;
+ } else if ((strncmp(argv[i+1], "tcp",
+ strlen(argv[i+1])) == 0) ||
+ (strncmp(argv[i+1], "udp",
+ strlen(argv[i+1])) == 0) ||
+ (strncmp(argv[i+1], "icmp",
+ strlen(argv[i+1])) == 0)) {
+ snprintf(cmd, sizeof (cmd), "%s%s%s", conn, " -p ", argv[i+1]);
+ other=0;
+ length = strlen (cmd);
+ temp_cmd = cmd + length;
+ i++;
+ }
+ }
+ break;
+ case 'e':
+ if (i+1 < argc && argv[i+1][0] != '-') {
+ if ((strncmp(argv[i+1], "NEW",
+ strlen(argv[i+1])) == 0) ||
+ (strncmp(argv[i+1], "UPDATES",
+ strlen(argv[i+1])) == 0) ||
+ (strncmp(argv[i+1], "DESTROY",
+ strlen(argv[i+1])) == 0)) {
+ if (other == 1) {
+ snprintf(temp_cmd, sizeof (cmd) - length, "%s%s%s%s%s%s%s%s", " -e ",
+ argv[i+1], " -o id", " -b %d", " | ", fother, " | ", logger);
+ cmds[pcounter] = malloc(strlen+1);
+ strcpy(cmds[pcounter],cmd);
+ pcounter++;
+ } else if ((strncmp(argv[i-1], "tcp",strlen(argv[i-1]))==0) &&
+ (strncmp(argv[i+1], "UPDATES",strlen(argv[i+1])) == 0)){
+ snprintf(temp_cmd, sizeof (cmd) - length, "%s%s", " -e ", argv[i+1]);
+ } else {
+ snprintf(temp_cmd, sizeof (cmd) - length, "%s%s%s%s%s%s", " -e ",
+ argv[i+1], " -o id", " -b %d", " | ", logger);
+ cmds[pcounter] = malloc(strlen+1);
+ strcpy(cmds[pcounter],cmd);
+ pcounter++;
+ }
+ length = strlen (cmd);
+ temp_cmd = cmd + length;
+ i++;
+ }
+ }
+ break;
+ case 's':
+ if (i+1 < argc && argv[i+1][0] != '-') {
+ if ((strncmp(argv[i+1], "SYN_RECV",
+ strlen(argv[i+1])) == 0) ||
+ (strncmp(argv[i+1], "ESTABLISHED",
+ strlen(argv[i+1])) == 0) ||
+ (strncmp(argv[i+1], "FIN_WAIT",
+ strlen(argv[i+1])) == 0) ||
+ (strncmp(argv[i+1], "CLOSE_WAIT",
+ strlen(argv[i+1])) == 0) ||
+ (strncmp(argv[i+1], "LAST_ACK",
+ strlen(argv[i+1])) == 0) ||
+ (strncmp(argv[i+1], "TIME_WAIT",
+ strlen(argv[i+1])) == 0)) {
+ snprintf(temp_cmd, sizeof (cmd) - length, "%s%s%s%s%s%s", " --state ",
+ argv[i+1], " -o id", " -b %d", " | ", logger);
+ cmds[pcounter] = malloc(strlen+1);
+ strcpy(cmds[pcounter],cmd);
+ pcounter++;
+ length = strlen (cmd);
+ temp_cmd = cmd + length;
+ i++;
+ }
+ }
+ break;
+ }
+ }
+ // Daemonize the connlog process.
+ sys_logger("Starting conntrack logging daemon");
+ daemonize();
+
+ // Call to init_nbuffer
+ init_nbuffer();
+
+ //Start the conntrack logging processes
+ for(i=0;i<pcounter;i++) {
+ sprintf(cmd_to_run, cmds[i], nbuffer[i]);
+ start_child(cmd_to_run,i);
+ }
+ pid_t dead_child;
+ int status;
+ while(dead_child=wait(&status)) {
+ for(i=0;i<pcounter;i++) {
+ if (pids[i]==dead_child) {
+ nbuffer[i] += netlink_buffer_size;
+ if (nbuffer[i] <= netlink_buffer_maxsize) {
+ sprintf(cmd_to_run, cmds[i], nbuffer[i]);
+ } else {
+ nbuffer[i] -= netlink_buffer_size;
+ sprintf(cmd_to_run, cmds[i], nbuffer[i]);
+ }
+ sys_logger("Restarting conntrack logging process");
+ start_child(cmd_to_run,i);
+ }
+ }
+ }
+}
+
+/* EOF */
diff --git a/templates-cfg/system/conntrack/log/icmp/destroy/node.def b/templates-cfg/system/conntrack/log/icmp/destroy/node.def
new file mode 100644
index 0000000..286764c
--- /dev/null
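Review bot: `cmds[pcounter] = malloc(strlen+1);` (three places in `main` of src/vyatta-conntrack-logging.c) sizes the allocation from the address of the `strlen` function rather than from the string, so the `strcpy` that follows writes into a buffer whose size is unrelated to `cmd`. It should be `malloc(strlen(cmd)+1)` with a NULL check, and `<string.h>` and `<stdlib.h>` are not included. Nothing compares `pcounter` with `MAX_PROCESS`, so repeated `-e`/`-s` options store past the end of `cmds[]` and later index `pids[]` and `nbuffer[]` out of range; each store needs a `pcounter < MAX_PROCESS` check first. The stored strings are later used as `sprintf` formats containing `" -b %d"` while `nbuffer[i]` is `long int`, so the conversion should be `%ld`. In `sys_logger`, `"LOG_PID"` is passed as a string where `openlog` takes the integer flag `LOG_PID`, and `syslog(LOG_INFO, message)` should be `syslog(LOG_INFO, "%s", message)`.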
+++ b/templates-cfg/system/conntrack/log/icmp/destroy/node.def
@@ -0,0 +1 @@
+help: Log deletion of ICMP connections
diff --git a/templates-cfg/system/conntrack/log/icmp/new/node.def b/templates-cfg/system/conntrack/log/icmp/new/node.def
new file mode 100644
index 0000000..dfc19ff
--- /dev/null
+++ b/templates-cfg/system/conntrack/log/icmp/new/node.def
@@ -0,0 +1 @@
+help: Log newly created ICMP connections
diff --git a/templates-cfg/system/conntrack/log/icmp/node.def b/templates-cfg/system/conntrack/log/icmp/node.def
new file mode 100644
index 0000000..52b219b
--- /dev/null
+++ b/templates-cfg/system/conntrack/log/icmp/node.def
@@ -0,0 +1 @@
+help: Log connection tracking events for ICMP
diff --git a/templates-cfg/system/conntrack/log/icmp/update/node.def b/templates-cfg/system/conntrack/log/icmp/update/node.def
new file mode 100644
index 0000000..1282f29
--- /dev/null
+++ b/templates-cfg/system/conntrack/log/icmp/update/node.def
@@ -0,0 +1 @@
+help: Log updates to ICMP connections
diff --git a/templates-cfg/system/conntrack/log/node.def b/templates-cfg/system/conntrack/log/node.def
new file mode 100644
index 0000000..cb7521a
--- /dev/null
+++ b/templates-cfg/system/conntrack/log/node.def
@@ -0,0 +1,35 @@
+help: Log connection tracking events per protocol
+priority: 219 # failure at log shouldnt fail conntrack
+end:
+if [[ ${COMMIT_ACTION} != 'DELETE' ]]
+then
+ declare -a ARR;
+ declare -a EVENTS;
+ declare -a STATES;
+ eval "ARR=($(cli-shell-api listNodes system conntrack log))";
+ if [ "${#ARR[@]}" == "0" ]; then
+ echo Protocol must be specified for log;
+ exit 1;
+ fi
+ for var in "${ARR[@]}"
+ do
+ eval "EVENTS=($(cli-shell-api listNodes system conntrack log $var))";
+ if [ "${#EVENTS[@]}" == "0" ]; then
+ echo Event must be specified for specified protocol $var;
+ exit 1;
+ fi
+ if [ "$var" == "tcp" ]; then
+ for i in "${EVENTS[@]}"
+ do
+ if [ "$i" == "update" ]; then
+ eval "STATES=($(cli-shell-api listNodes system conntrack log $var $i))";
+ if [ "${#STATES[@]}" == "0" ]; then
+ echo State must be specified for specified protocol-event $var $i;
+ exit 1;
+ fi
+ fi
+ done
+ fi
+ done
+fi
+sudo /opt/vyatta/sbin/vyatta-update-conntrack-log.pl
diff --git a/templates-cfg/system/conntrack/log/other/destroy/node.def b/templates-cfg/system/conntrack/log/other/destroy/node.def
new file mode 100644
index 0000000..fadd0b2
--- /dev/null
+++ b/templates-cfg/system/conntrack/log/other/destroy/node.def
@@ -0,0 +1 @@
+help: Log deletion of connections for all protocols
diff --git a/templates-cfg/system/conntrack/log/other/new/node.def b/templates-cfg/system/conntrack/log/other/new/node.def
new file mode 100644
index 0000000..1ad7b76
--- /dev/null
+++ b/templates-cfg/system/conntrack/log/other/new/node.def
@@ -0,0 +1 @@
+help: Log newly created connections for all protocols
diff --git a/templates-cfg/system/conntrack/log/other/node.def b/templates-cfg/system/conntrack/log/other/node.def
new file mode 100644
index 0000000..f41584a
--- /dev/null
+++ b/templates-cfg/system/conntrack/log/other/node.def
@@ -0,0 +1 @@
+help: Log connection tracking events for all protocols other than TCP, UDP and ICMP
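Review bot: `$var` and `$i` are expanded unquoted in the `cli-shell-api listNodes system conntrack log $var` and `... $var $i` calls that feed `eval` in templates-cfg/system/conntrack/log/node.def, and the three `echo` messages are unquoted as well. The names come from the config tree, and the templates in this commit define only fixed words under `log`, so this is presumably safe today; quoting them as `"$var"` and `"$i"` keeps the script correct if a free-form node is ever added there. The `priority:` comment says a failure here should not fail conntrack, while the `end:` block does `exit 1` and its last line runs the update script under sudo, whose exit status becomes the result of the block. A short comment stating which failures are meant to abort the commit would help.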
diff --git a/templates-cfg/system/conntrack/log/other/update/node.def b/templates-cfg/system/conntrack/log/other/update/node.def
new file mode 100644
index 0000000..a448989
--- /dev/null
+++ b/templates-cfg/system/conntrack/log/other/update/node.def
@@ -0,0 +1 @@
+help: Log updates to connections for all protocols
diff --git a/templates-cfg/system/conntrack/log/tcp/destroy/node.def b/templates-cfg/system/conntrack/log/tcp/destroy/node.def
new file mode 100644
index 0000000..5389848
--- /dev/null
+++ b/templates-cfg/system/conntrack/log/tcp/destroy/node.def
@@ -0,0 +1 @@
+help: Log deletion of TCP connections
diff --git a/templates-cfg/system/conntrack/log/tcp/new/node.def b/templates-cfg/system/conntrack/log/tcp/new/node.def
new file mode 100644
index 0000000..454c3ae
--- /dev/null
+++ b/templates-cfg/system/conntrack/log/tcp/new/node.def
@@ -0,0 +1 @@
+help: Log newly created TCP connections
diff --git a/templates-cfg/system/conntrack/log/tcp/node.def b/templates-cfg/system/conntrack/log/tcp/node.def
new file mode 100644
index 0000000..eb9241d
--- /dev/null
+++ b/templates-cfg/system/conntrack/log/tcp/node.def
@@ -0,0 +1 @@
+help: Log connection tracking events for TCP
diff --git a/templates-cfg/system/conntrack/log/tcp/update/close-wait/node.def b/templates-cfg/system/conntrack/log/tcp/update/close-wait/node.def
new file mode 100644
index 0000000..65cb02f
--- /dev/null
+++ b/templates-cfg/system/conntrack/log/tcp/update/close-wait/node.def
@@ -0,0 +1 @@
+help: Log updates to TCP connections in CLOSE_WAIT state
diff --git a/templates-cfg/system/conntrack/log/tcp/update/established/node.def b/templates-cfg/system/conntrack/log/tcp/update/established/node.def
new file mode 100644
index 0000000..129cc6c
--- /dev/null
+++ b/templates-cfg/system/conntrack/log/tcp/update/established/node.def
@@ -0,0 +1 @@
+help: Log updates to TCP connections in ESTABLISHED state
diff --git a/templates-cfg/system/conntrack/log/tcp/update/fin-wait/node.def b/templates-cfg/system/conntrack/log/tcp/update/fin-wait/node.def
new file mode 100644
index 0000000..7e50c9b
--- /dev/null
+++ b/templates-cfg/system/conntrack/log/tcp/update/fin-wait/node.def
@@ -0,0 +1 @@
+help: Log updates to TCP connections in FIN_WAIT state
diff --git a/templates-cfg/system/conntrack/log/tcp/update/last-ack/node.def b/templates-cfg/system/conntrack/log/tcp/update/last-ack/node.def
new file mode 100644
index 0000000..3ea7566
--- /dev/null
+++ b/templates-cfg/system/conntrack/log/tcp/update/last-ack/node.def
@@ -0,0 +1 @@
+help: Log updates to TCP connections in LAST_ACK state
diff --git a/templates-cfg/system/conntrack/log/tcp/update/node.def b/templates-cfg/system/conntrack/log/tcp/update/node.def
new file mode 100644
index 0000000..dabd832
--- /dev/null
+++ b/templates-cfg/system/conntrack/log/tcp/update/node.def
@@ -0,0 +1 @@
+help: Log updates to TCP connections
diff --git a/templates-cfg/system/conntrack/log/tcp/update/sync-received/node.def b/templates-cfg/system/conntrack/log/tcp/update/sync-received/node.def
new file mode 100644
index 0000000..421a675
--- /dev/null
+++ b/templates-cfg/system/conntrack/log/tcp/update/sync-received/node.def
@@ -0,0 +1 @@
+help: Log updates to TCP connections in SYN_RECV state
diff --git a/templates-cfg/system/conntrack/log/tcp/update/time-wait/node.def b/templates-cfg/system/conntrack/log/tcp/update/time-wait/node.def
new file mode 100644
index 0000000..0597a97
--- /dev/null
+++ b/templates-cfg/system/conntrack/log/tcp/update/time-wait/node.def
@@ -0,0 +1 @@
+help: Log updates to TCP connections in TIME_WAIT state
diff --git a/templates-cfg/system/conntrack/log/udp/destroy/node.def b/templates-cfg/system/conntrack/log/udp/destroy/node.def
new file mode 100644
index 0000000..8441bdb
--- /dev/null
+++ b/templates-cfg/system/conntrack/log/udp/destroy/node.def
@@ -0,0 +1 @@
+help: Log deletion of UDP connections
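Review bot: The template directory added as `tcp/update/sync-received` does not match the node name that `Vyatta::Conntrack::Config` looks up in this same commit, `exists('tcp update syn-received')` and `existsOrig('tcp update syn-received')`. With the node named `sync-received`, the `_tcp_srec` flag is never set as far as this diff shows, so SYN_RECV logging cannot be enabled from the CLI even though the node can be configured. Renaming the directory to `syn-received`, or changing both lookups, makes the two agree.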
diff --git a/templates-cfg/system/conntrack/log/udp/new/node.def b/templates-cfg/system/conntrack/log/udp/new/node.def
new file mode 100644
index 0000000..95de0f9
--- /dev/null
+++ b/templates-cfg/system/conntrack/log/udp/new/node.def
@@ -0,0 +1 @@
+help: Log newly created UDP connections
diff --git a/templates-cfg/system/conntrack/log/udp/node.def b/templates-cfg/system/conntrack/log/udp/node.def
new file mode 100644
index 0000000..b8eea26
--- /dev/null
+++ b/templates-cfg/system/conntrack/log/udp/node.def
@@ -0,0 +1 @@
+help: Log connection tracking events for UDP
diff --git a/templates-cfg/system/conntrack/log/udp/update/node.def b/templates-cfg/system/conntrack/log/udp/update/node.def
new file mode 100644
index 0000000..2a9e6a0
--- /dev/null
+++ b/templates-cfg/system/conntrack/log/udp/update/node.def
@@ -0,0 +1 @@
+help: Log updates to UDP connections |