Ulog or libnetfilter_log support to replace syslog

[victor]

Syslog component is hard to setup for many users and a bit redundant because it logs to a file where vuurmuur_log picks it up and after converting, logs it again.

[fredl]

I'm just realizing that the inotify effort I've been putting into vuurmuur_conf for ticket #72 is basically trying to get some control over logfiles vuurmuur already controls! The log viewing of vuurmuur_conf 'tails' the vuurmuur logfiles which are created and controlled by vuurmuur_log. So unless we let some other mechanism like logrotate.d scripts rotate those files we already have full control over our own logfiles.

So I started digging around some more into vuurmuur_log itself and found this ticket which seems quite interesting. I'd like to put some effort into this one too if tigerp agrees.

[fredl]

I've started working on this in the branches/vuurmuur-ulog branch.

[fredl]

The configuration option works in the ulog branch's 'Vuurmuur Config -> Logging' now. The sample config.conf has examples. If the RULE_NFLOG and NFGRP parameters are not in config.conf, vuurmuur_conf on startup will notify the user and set RULE_NFLOG and NFGRP to their defaults ("Yes" and "8").

[fredl]

All the code for this is now in the vuurmuur-ulog branch. This branch should be merged into main after 0.8 has been released.

[fredl]

I've been thinking on how to document this as it's probably in milestone 0.9 only and with 0.8 not even out the door yet it could be a while before this is available to the general public. I've written an article on http://wordpress.3dn.nl/2009/11/25/iptabes-nflog-support-in-vuurmuur/ but I figured documentation for this should also be here.