Re: /proc/net/netfilter/nf_log boot setup / persistence

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Bonjour,

On Sun, 2014-04-06 at 18:24 +0200, oatech wrote:
> 
> Hi
> 
> I manage to change the /proc/net/netfilter/nf_log flags using echo > 
> /process/sys/netfilter/nf_log/ ...
> ( For IPv6 nflogging )
> 
> But it gets deleted at reboot.
> Worse, using a boot-time script fails ( the flags get overwritten )
> Using /etc/sysctl.conf doesn't seem to work.

I fear your firewall script is running after sysctl.conf settings are
installed. Usually the firewall script is triggering the loading of
logging modules.

> I end up using a 1minute cron job that rewrites the flags each minute.
> 
> Is there a better way ? Or a sysctl.conf kind config file ?

The most handy way can be to load the Netfilter modules at start For
example by putting them in /etc/modules (at least for debian). Then when
sysctl settings will be evaluated you should get a working config.

> Thanks  :-)

You're welcome (if my suggestion works) ;)

BR,
-- 
Eric Leblond <eric@xxxxxxxxx>

--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux