[pve-devel] pve-firewall : log conntrack sessions ?

Alexandre DERUMIER aderumier at odiso.com
Wed Nov 21 07:50:34 CET 2018


Hi,

I'm currently planning to finally use the Proxmox firewall in production next year,

and the missing piece is session logging (creation in conntrack, end in conntrack).

It's currently possible with ulogd2, but ulogd2 doesn't start while the pve fw logger is running.


I found a blog post about it:

https://home.regit.org/2014/02/logging-connection-tracking-event-with-ulogd/ 


It needs these to be enabled:

echo "1" > /proc/sys/net/netfilter/nf_conntrack_acct
echo "1" > /proc/sys/net/netfilter/nf_conntrack_timestamp

then ulogd2 listens for 2 netlink events:

NF_NETLINK_CONNTRACK_NEW: 0x00000001
NF_NETLINK_CONNTRACK_DESTROY: 0x00000004

https://git.netfilter.org/ulogd2/tree/input/flow/ulogd_inpflow_NFCT.c


I'm pretty poor in C, I don't know if it's difficult to port this ulogd code into the pve fw logger?
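As an added example (not code from pve-firewall, ulogd2 or the author of this mail), the C program below shows the two halves of what the mail describes: binding a raw NETLINK_NETFILTER socket to the NF_NETLINK_CONNTRACK_NEW and NF_NETLINK_CONNTRACK_DESTROY groups, and decoding the conntrack events that arrive into one log line per session, including the byte/packet counters and start/stop timestamps that the kernel only attaches once nf_conntrack_acct and nf_conntrack_timestamp are set to 1. It assumes a Linux host; the netlink constants and struct layouts are those of the kernel UAPI headers (nfnetlink.h, nfnetlink_conntrack.h), redefined locally so the file builds with libc alone, and the `sample_destroy` message is constructed by hand in little-endian host order for the offline self-check, not a real capture.

```c
/* Added example (not pve-firewall or ulogd2 code): decode conntrack NEW/DESTROY netlink events the way
 * ulogd2's NFCT input does, and subscribe to them on a raw NETLINK_NETFILTER socket. Constants and
 * layouts are those of the Linux UAPI headers (nfnetlink.h, nfnetlink_conntrack.h), redefined locally. */
#include <arpa/inet.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

enum { NETLINK_NETFILTER = 12, NF_NETLINK_CONNTRACK_NEW = 0x1, NF_NETLINK_CONNTRACK_DESTROY = 0x4 };
enum { NFNL_SUBSYS_CTNETLINK = 1, IPCTNL_MSG_CT_NEW = 0, IPCTNL_MSG_CT_DELETE = 2, NLA_F_NESTED = 0x8000 };
enum { CTA_TUPLE_ORIG = 1, CTA_COUNTERS_ORIG = 9, CTA_TIMESTAMP = 20 };                    /* ctattr_type */
enum { CTA_TUPLE_IP = 1, CTA_TUPLE_PROTO = 2, CTA_IP_V4_SRC = 1, CTA_IP_V4_DST = 2 };      /* tuple / ip  */
enum { CTA_PROTO_NUM = 1, CTA_PROTO_SRC_PORT = 2, CTA_PROTO_DST_PORT = 3 };                /* l4proto     */
enum { CTA_COUNTERS_PACKETS = 1, CTA_COUNTERS_BYTES = 2, CTA_TIMESTAMP_START = 1, CTA_TIMESTAMP_STOP = 2 };
#define NLA_ALIGN(x) (((x) + 3u) & ~3u)
struct nlhdr   { uint32_t len; uint16_t type, flags; uint32_t seq, pid; };  /* struct nlmsghdr    */
struct nfgen   { uint8_t family, version; uint16_t res_id; };              /* struct nfgenmsg    */
struct nla     { uint16_t len, type; };                                     /* struct nlattr      */
struct nl_addr { uint16_t family, pad; uint32_t pid, groups; };            /* struct sockaddr_nl */
struct ct_event {
    int destroy;                                              /* 0 = NEW (session created), 1 = DESTROY */
    uint32_t src, dst; uint8_t proto; uint16_t sport, dport;  /* IPv4 in network order, ports in host order */
    uint64_t packets, bytes, start_ns, stop_ns;               /* need nf_conntrack_acct / _timestamp = 1 */
};

/* Locate attribute `type` in one attribute block; returns its payload or NULL (truncated data rejected). */
static const uint8_t *find_attr(const uint8_t *p, size_t len, int type, size_t *dlen)
{
    for (struct nla a = {0, 0}; p && len >= sizeof a; p += NLA_ALIGN(a.len), len -= NLA_ALIGN(a.len)) {
        memcpy(&a, p, sizeof a);
        if (a.len < sizeof a || NLA_ALIGN(a.len) > len) return NULL;
        if ((a.type & ~NLA_F_NESTED) == type) { *dlen = a.len - sizeof a; return p + sizeof a; }
    }
    return NULL;
}
static void get_n(const uint8_t *b, size_t bl, int type, void *out, size_t n)   /* fixed-size attribute */
{ size_t l; const uint8_t *v = find_attr(b, bl, type, &l); if (v && l >= n) memcpy(out, v, n); }
static void get_u64(const uint8_t *b, size_t bl, int type, uint64_t *out)       /* big-endian u64 attribute */
{ size_t l; const uint8_t *v = find_attr(b, bl, type, &l); if (!v || l != 8) return;
  for (*out = 0; l--; v++) *out = (*out << 8) | *v; }

/* Decode one netlink message: 0 (and ev filled) for a conntrack NEW/DELETE event, -1 for anything else. */
int ct_decode(const uint8_t *msg, size_t len, struct ct_event *ev)
{
    struct nlhdr h; const size_t hdrs = sizeof h + sizeof(struct nfgen);
    if (len < sizeof h) return -1;
    memcpy(&h, msg, sizeof h);
    int mt = h.type & 0xff;                                   /* high byte = subsystem, low byte = message */
    if (h.len < hdrs || h.len > len || (h.type >> 8) != NFNL_SUBSYS_CTNETLINK) return -1;
    if (mt != IPCTNL_MSG_CT_NEW && mt != IPCTNL_MSG_CT_DELETE) return -1;
    memset(ev, 0, sizeof *ev); ev->destroy = (mt == IPCTNL_MSG_CT_DELETE);
    const uint8_t *body = msg + hdrs, *tup, *ip, *pr, *cnt, *ts;
    size_t blen = h.len - hdrs, tl = 0, il = 0, pl = 0, cl = 0, sl = 0;
    tup = find_attr(body, blen, CTA_TUPLE_ORIG, &tl);         /* who talked to whom: ip + l4 sub-blocks */
    ip  = find_attr(tup, tl, CTA_TUPLE_IP, &il); pr = find_attr(tup, tl, CTA_TUPLE_PROTO, &pl);
    cnt = find_attr(body, blen, CTA_COUNTERS_ORIG, &cl);      /* only with nf_conntrack_acct=1 */
    ts  = find_attr(body, blen, CTA_TIMESTAMP, &sl);          /* only with nf_conntrack_timestamp=1 */
    get_n(ip, il, CTA_IP_V4_SRC, &ev->src, 4); get_n(ip, il, CTA_IP_V4_DST, &ev->dst, 4);
    get_n(pr, pl, CTA_PROTO_NUM, &ev->proto, 1);
    get_n(pr, pl, CTA_PROTO_SRC_PORT, &ev->sport, 2); get_n(pr, pl, CTA_PROTO_DST_PORT, &ev->dport, 2);
    ev->sport = ntohs(ev->sport); ev->dport = ntohs(ev->dport);
    get_u64(cnt, cl, CTA_COUNTERS_PACKETS, &ev->packets); get_u64(cnt, cl, CTA_COUNTERS_BYTES, &ev->bytes);
    get_u64(ts, sl, CTA_TIMESTAMP_START, &ev->start_ns); get_u64(ts, sl, CTA_TIMESTAMP_STOP, &ev->stop_ns);
    return 0;
}

/* One log line per session event, the shape a firewall logger could write. */
void ct_print(const struct ct_event *ev)
{
    char s[INET_ADDRSTRLEN], d[INET_ADDRSTRLEN];
    inet_ntop(AF_INET, &ev->src, s, sizeof s); inet_ntop(AF_INET, &ev->dst, d, sizeof d);
    printf("%s proto=%u %s:%u -> %s:%u pkts=%llu bytes=%llu dur_ms=%llu\n", ev->destroy ? "DESTROY" : "NEW",
           ev->proto, s, ev->sport, d, ev->dport, (unsigned long long)ev->packets, (unsigned long long)ev->bytes,
           (unsigned long long)(ev->stop_ns > ev->start_ns ? (ev->stop_ns - ev->start_ns) / 1000000 : 0));
}

/* Constructed sample, not a real capture (netlink header in little-endian host order): DESTROY of tcp
 * 10.0.0.1:4321 -> 10.0.0.2:22 after 42 packets / 6000 bytes and 2.5 s. Real events carry more attributes. */
const uint8_t sample_destroy[128] = {
    0x80,0,0,0, 0x02,0x01, 0,0, 0,0,0,0, 0,0,0,0,         /* nlmsghdr: len 128, type CTNETLINK<<8 | CT_DELETE */
    2,0,0,0,                                               /* nfgenmsg: AF_INET */
    0x34,0,0x01,0x80, 0x14,0,0x01,0x80,                    /* CTA_TUPLE_ORIG { CTA_TUPLE_IP { */
    8,0,1,0, 10,0,0,1,  8,0,2,0, 10,0,0,2,                 /*   CTA_IP_V4_SRC, CTA_IP_V4_DST } */
    0x1c,0,0x02,0x80, 5,0,1,0, 6,0,0,0,                    /*   CTA_TUPLE_PROTO { CTA_PROTO_NUM = 6 (tcp) */
    6,0,2,0, 0x10,0xe1,0,0,  6,0,3,0, 0x00,0x16,0,0,       /*   SRC_PORT 4321, DST_PORT 22 } } */
    0x1c,0,0x09,0x80, 12,0,1,0, 0,0,0,0,0,0,0,42,          /* CTA_COUNTERS_ORIG { PACKETS 42 */
    12,0,2,0, 0,0,0,0,0,0,0x17,0x70,                       /*   BYTES 6000 } */
    0x1c,0,0x14,0x80, 12,0,1,0, 0,0,0,0,0x3b,0x9a,0xca,0,  /* CTA_TIMESTAMP { START 1.0 s */
    12,0,2,0, 0,0,0,0,0xd0,0x9d,0xc3,0 };                  /*   STOP 3.5 s } */
struct ct_event decode_sample(void)                        /* offline self-check on the constructed sample */
{ struct ct_event ev; if (ct_decode(sample_destroy, sizeof sample_destroy, &ev) != 0) memset(&ev, 0, sizeof ev); return ev; }

/* Live use: bind to the NEW|DESTROY multicast groups (needs CAP_NET_ADMIN) and log each event. */
int main(void)
{
    struct ct_event ev = decode_sample(); uint8_t buf[8192];
    ct_print(&ev);
    struct nl_addr me = { AF_NETLINK, 0, 0, NF_NETLINK_CONNTRACK_NEW | NF_NETLINK_CONNTRACK_DESTROY };
    int fd = socket(AF_NETLINK, SOCK_RAW, NETLINK_NETFILTER);
    if (fd < 0 || bind(fd, (struct sockaddr *)&me, sizeof me) < 0) { perror("netlink"); return 1; }
    for (ssize_t n; (n = recv(fd, buf, sizeof buf, 0)) > 0; )   /* ctnetlink sends one event per datagram */
        if (ct_decode(buf, (size_t)n, &ev) == 0) ct_print(&ev);
    return 0;
}
```

Build with `cc -o ctlog ctlog.c`; the program first prints the decoded sample (`DESTROY proto=6 10.0.0.1:4321 -> 10.0.0.2:22 pkts=42 bytes=6000 dur_ms=2500`), then loops on the socket and prints one line per NEW or DESTROY event. Two design points matter for a logger that would replace ulogd2 here: the kernel delivers the DESTROY event as message type IPCTNL_MSG_CT_DELETE inside the NFNL_SUBSYS_CTNETLINK subsystem, so that is what the decoder keys on rather than on the group mask; and attributes are located by type with every length bounds-checked, so the extra attributes a real event carries (reply tuple, status, id, zone, ...) are skipped and a short or malformed buffer can never be read past its end. Counters and timestamps stay zero until the two sysctls from the mail are set.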



