hardware:gl-ar750s-ext:managing_firewall [ともやん・どっと・ねっと]

hardware:gl-ar750s-ext:managing_firewall

このページの2つのバージョン間の差分を表示します。

この比較画面へのリンク

--- hardware:gl-ar750s-ext:managing_firewall [2020/02/26 05:24] – [インストール] ともやん
+++ hardware:gl-ar750s-ext:managing_firewall [2020/03/13 08:19] (現在) – ともやん
@@ 行 5: / 行 5: @@
       overflow: scroll;
       overflow-x: hidden;
-      font-size: 12px;
+      font-size: 10px;
     }
   </style>
@@ 行 16: / 行 16: @@
 <WRAP prewrap 100%>
 <code>
-# opkg update && opkg install ulogd ulogd-mod-nfacct ulogd-mod-nfct ulogd-mod-nflog ulogd-mod-xml ulogd-mod-syslog ulogd-mod-extra
+# opkg update && opkg install ulogd ulogd-mod-nfacct ulogd-mod-nfct ulogd-mod-nflog ulogd-mod-xml ulogd-mod-syslog ulogd-mod-extra syslog-ng
 </code>
 </WRAP>
@@ 行 41: / 行 41: @@
 Installing ulogd (2.0.5-2) to root...
 Downloading https://fw.gl-inet.com/releases/packages-3.x/ar71xx/packages/ulogd_2.0.5-2_mips_24kc.ipk
+Installing ulogd-mod-nfacct (2.0.5-2) to root...
+Downloading https://fw.gl-inet.com/releases/packages-3.x/ar71xx/packages/ulogd-mod-nfacct_2.0.5-2_mips_24kc.ipk
 Installing ulogd-mod-nfct (2.0.5-2) to root...
 Downloading https://fw.gl-inet.com/releases/packages-3.x/ar71xx/packages/ulogd-mod-nfct_2.0.5-2_mips_24kc.ipk
+Installing ulogd-mod-nflog (2.0.5-2) to root...
+Downloading https://fw.gl-inet.com/releases/packages-3.x/ar71xx/packages/ulogd-mod-nflog_2.0.5-2_mips_24kc.ipk
+Installing ulogd-mod-xml (2.0.5-2) to root...
+Downloading https://fw.gl-inet.com/releases/packages-3.x/ar71xx/packages/ulogd-mod-xml_2.0.5-2_mips_24kc.ipk
 Installing ulogd-mod-syslog (2.0.5-2) to root...
 Downloading https://fw.gl-inet.com/releases/packages-3.x/ar71xx/packages/ulogd-mod-syslog_2.0.5-2_mips_24kc.ipk
 Installing ulogd-mod-extra (2.0.5-2) to root...
 Downloading https://fw.gl-inet.com/releases/packages-3.x/ar71xx/packages/ulogd-mod-extra_2.0.5-2_mips_24kc.ipk
+Installing syslog-ng (3.9.1-3) to root...
+Downloading https://fw.gl-inet.com/releases/packages-3.x/ar71xx/packages/syslog-ng_3.9.1-3_mips_24kc.ipk
+Configuring syslog-ng.
 Configuring ulogd.
 Configuring ulogd-mod-extra.
 Configuring ulogd-mod-nfct.
 Configuring ulogd-mod-syslog.
+Configuring ulogd-mod-xml.
+Configuring ulogd-mod-nfacct.
+Configuring ulogd-mod-nflog.
 </code>
 </WRAP>
+==== syslog-ng の動作確認 ====
+<code>
+# cat /var/log/messages
+Feb 26 05:48:04 TomoyanWRT-GL syslog-ng[7403]: syslog-ng starting up; version='3.9.1'
+</code>
 ==== ulog の設定 ====
@@ 行 77: / 行 95: @@
 </code>
 </WRAP>
+ulogd を手動で実行して動作確認を行う。\\
+<code>
+# ulogd -v
+Wed Feb 26 05:21:35 2020 <7> ulogd.c:622 load_plugin: '/usr/lib/ulogd/ulogd_filter_IP2BIN.so': Error relocating /usr/lib/ulogd/ulogd_filter_IP2BIN.so: uint32_to_ipv6: symbol not found
+Wed Feb 26 05:21:35 2020 <5> ulogd.c:843 building new pluginstance stack: 'ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,sys1:SYSLOG'
+Wed Feb 26 05:21:35 2020 <5> ulogd_inpflow_NFCT.c:1399 NFCT plugin working in event mode
+</code>
+**uint32_to_ipv6: symbol not found** はバグ？\\
+==== ulogd の有効化と起動 ====
+<code>
+# service ulogd enable
+# service ulogd start
+</code>
+==== 接続追跡フローアカウンティングを有効に設定 ====
+<code>
+# echo '1' > /proc/sys/net/netfilter/nf_conntrack_acct
+# echo 'net.netfilter.nf_conntrack_acct=1' > /etc/sysctl.d/100-custom.conf
+</code>
 ===== 参考文献 =====

hardware/gl-ar750s-ext/managing_firewall.1582662270.txt.gz
最終更新: 2020/02/26 05:24
by ともやん