Hi Chris, That FIREHOL_LOG_MODE="NFLOG" works like a charm. Thanks!
Hugo On Sun, Aug 30, 2015 at 6:27 AM, Chris Boot <bo...@bootc.net> wrote: > Control: tag -1 pending > Control: retitle -1 Document removal of ULOG target in kernels 3.17+ > > On 16/05/15 00:31, hugo vanwoerkom wrote: > > Running Sid dist-upgraded on May 12 2015 which went to kernel 4.0.0-1. > > I run the firewall via Firehol and use 'FIREHOL_LOG_MODE="ULOG"'. > > Iptables then gets errors because it cannot find ULOG. > > That is because ulogd2 failed with: > > > > May 15 11:56:39 hdbb ulogd[5785]: Can't create ULOG handle > > May 15 11:56:39 hdbb ulogd[5785]: error starting `ulog1' > > > > When this dist-upgraded system is booted with kernel 3.16.0-4 ulogd2 > > starts correctly: > > > > May 15 15:46:24 hdbb ulogd[27455]: building new pluginstance stack: > > 'ulog1:ULOG,base1:BASE,ip2str1:IP2STR,print1:PRINTPK > > Hi Hugo, > > The underlying problem is that the ULOG target was removed from > iptables/ebtables in the 3.17 kernel. You will need to migrate to using > the NFLOG target instead. > > It appears that from version 1.296 onwards, Firehol supports using the > NFLOG target, so you should be able to simply set > FIREHOL_LOG_MODE="NFLOG" and leave the ULOG stuff disabled in ulogd.conf. > > I have added a NEWS.Debian entry documenting the change in the kernel in > commite 20a0ed299793c40e345ecee46f234423574da0b [1]. > > HTH, > Chris > > 1. > > http://anonscm.debian.org/cgit/collab-maint/ulogd2.git/commit/?id=e20a0ed299793c40e345ecee46f234423574da0b > > -- > Chris Boot > bo...@bootc.net > -- https://www.dhamma.org/