Netfilter/iptables logging daemon
ulogd [options]
ulogd is a logging daemon that reads event messages coming from the Netfilter connection tracking, the Netfilter packet logging subsystem and from the Netfilter accounting subsystem. You have to enable support for connection tracking event delivery; ctnetlink and the NFLOG target in your Linux kernel 2.6.x or load their respective modules. The deprecated ULOG target (which has been superseded by NFLOG) is also supported.
The received messages can be logged into files or into a mySQL, sqlite3 or PostgreSQL database. IPFIX and Graphite output are also supported.
-d, --daemon
fork ulogd into background (start as daemon)
-c <filename>, --configfile <filename>
use <filename> as configuration file instead of /etc/ulogd.conf
-h, --help
show usage information
-V, --version
show version information and copyright
-v, --verbose
verbose output on stdout when not running as daemon
-l, --loglevel <level>
set log level to <level>: debug(1), info(3), notice(5), error(7) or fatal(8) (default 5)
-u <UID>, --uid <UID>
change UID/GID
-i <pluginpath>, --info <pluginpath>
display infos about plugin
-p <filename>, --pidfile <filename>
record the ulogd process ID to the given file name
/etc/ulogd.conf
There is more documentation about the daemon and the database plugins (including examples) in the directories
/usr/share/doc/ulogd2
/usr/share/doc/ulogd2-mysql and
/usr/share/doc/ulogd2-pgsql
This manual page was written by Joerg Wendland <[email protected]>, for the Debian GNU/Linux system (but may be used by others).