+++ /dev/null
-#
-# /etc/inittab: This file describes how the INIT process should set up
-# the system in a certain run-level.
-#
-# Author: Miquel van Smoorenburg, <miquels@cistron.nl>
-# Modified by: Patrick J. Volkerding, <volkerdi@ftp.cdrom.com>
-# Modified by: Daniel Robbins, <drobbins@gentoo.org>
-# Modified by: Martin Schlemmer, <azarah@gentoo.org>
-# Modified by: Mike Frysinger, <vapier@gentoo.org>
-# Modified by: Robin H. Johnson, <robbat2@gentoo.org>
-# Modified by: William Hubbs, <williamh@gentoo.org>
-#
-# $Id$
-
-# Default runlevel.
-id:3:initdefault:
-
-# System initialization, mount local filesystems, etc.
-si::sysinit:/sbin/openrc sysinit
-
-# Further system initialization, brings up the boot runlevel.
-rc::bootwait:/sbin/openrc boot
-
-l0:0:wait:/sbin/openrc shutdown
-l0s:0:wait:/sbin/halt -dhnp
-l1:1:wait:/sbin/openrc single
-l2:2:wait:/sbin/openrc nonetwork
-l3:3:wait:/sbin/openrc default
-l4:4:wait:/sbin/openrc default
-l5:5:wait:/sbin/openrc default
-l6:6:wait:/sbin/openrc reboot
-l6r:6:wait:/sbin/reboot -dkn
-#z6:6:respawn:/sbin/sulogin
-
-# new-style single-user
-su0:S:wait:/sbin/openrc single
-su1:S:wait:/sbin/sulogin
-
-# TERMINALS
-#x1:12345:respawn:/sbin/agetty 38400 console linux
-c1:12345:respawn:/sbin/agetty 38400 tty1 linux
-c2:2345:respawn:/sbin/agetty 38400 tty2 linux
-c3:2345:respawn:/sbin/agetty 38400 tty3 linux
-c4:2345:respawn:/sbin/agetty 38400 tty4 linux
-c5:2345:respawn:/sbin/agetty 38400 tty5 linux
-c6:2345:respawn:/sbin/agetty 38400 tty6 linux
-
-# SERIAL CONSOLES
-#s0:12345:respawn:/sbin/agetty -L 115200 ttyS0 vt100
-#s1:12345:respawn:/sbin/agetty -L 115200 ttyS1 vt100
-
-# What to do at the "Three Finger Salute".
-ca:12345:ctrlaltdel:/sbin/shutdown -r now
-
-# Used by /etc/init.d/xdm to control DM startup.
-# Read the comments in /etc/init.d/xdm for more
-# info. Do NOT remove, as this will start nothing
-# extra at boot if /etc/init.d/xdm is not added
-# to the "default" runlevel.
-x:a:once:/etc/X11/startDM.sh
+++ /dev/null
-# Example configuration for ulogd
-# Adapted to Debian by Achilleas Kotsis <achille@debian.gr>
-
-[global]
-######################################################################
-# GLOBAL OPTIONS
-######################################################################
-
-
-# logfile for status messages
-logfile="/var/log/ulogd/ulogd.log"
-
-# loglevel: debug(1), info(3), notice(5), error(7) or fatal(8) (default 5)
-# loglevel=1
-
-######################################################################
-# PLUGIN OPTIONS
-######################################################################
-
-# We have to configure and load all the plugins we want to use
-
-# general rules:
-# 1. load the plugins _first_ from the global section
-# 2. options for each plugin in seperate section below
-
-
-plugin="/usr/lib64/ulogd/ulogd_inppkt_NFLOG.so"
-#plugin="/usr/lib64/ulogd/ulogd_inppkt_ULOG.so"
-#plugin="/usr/lib64/ulogd/ulogd_inppkt_UNIXSOCK.so"
-plugin="/usr/lib64/ulogd/ulogd_inpflow_NFCT.so"
-plugin="/usr/lib64/ulogd/ulogd_filter_IFINDEX.so"
-plugin="/usr/lib64/ulogd/ulogd_filter_IP2STR.so"
-plugin="/usr/lib64/ulogd/ulogd_filter_IP2BIN.so"
-#plugin="/usr/lib64/ulogd/ulogd_filter_IP2HBIN.so"
-plugin="/usr/lib64/ulogd/ulogd_filter_PRINTPKT.so"
-plugin="/usr/lib64/ulogd/ulogd_filter_HWHDR.so"
-plugin="/usr/lib64/ulogd/ulogd_filter_PRINTFLOW.so"
-#plugin="/usr/lib64/ulogd/ulogd_filter_MARK.so"
-plugin="/usr/lib64/ulogd/ulogd_output_LOGEMU.so"
-plugin="/usr/lib64/ulogd/ulogd_output_SYSLOG.so"
-plugin="/usr/lib64/ulogd/ulogd_output_XML.so"
-#plugin="/usr/lib64/ulogd/ulogd_output_SQLITE3.so"
-plugin="/usr/lib64/ulogd/ulogd_output_GPRINT.so"
-#plugin="/usr/lib64/ulogd/ulogd_output_NACCT.so"
-#plugin="/usr/lib64/ulogd/ulogd_output_PCAP.so"
-#plugin="/usr/lib64/ulogd/ulogd_output_PGSQL.so"
-#plugin="/usr/lib64/ulogd/ulogd_output_MYSQL.so"
-#plugin="/usr/lib64/ulogd/ulogd_output_DBI.so"
-plugin="/usr/lib64/ulogd/ulogd_raw2packet_BASE.so"
-plugin="/usr/lib64/ulogd/ulogd_inpflow_NFACCT.so"
-plugin="/usr/lib64/ulogd/ulogd_output_GRAPHITE.so"
-#plugin="/usr/lib64/ulogd/ulogd_output_JSON.so"
-
-# this is a stack for logging packet send by system via LOGEMU
-#stack=log1:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
-
-# this is a stack for packet-based logging via LOGEMU
-#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
-
-# this is a stack for ULOG packet-based logging via LOGEMU
-#stack=ulog1:ULOG,base1:BASE,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
-
-# this is a stack for packet-based logging via LOGEMU with filtering on MARK
-#stack=log2:NFLOG,mark1:MARK,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
-
-# this is a stack for packet-based logging via GPRINT
-#stack=log1:NFLOG,gp1:GPRINT
-
-# this is a stack for flow-based logging via LOGEMU
-#stack=ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,emu1:LOGEMU
-
-# this is a stack for flow-based logging via GPRINT
-#stack=ct1:NFCT,gp1:GPRINT
-
-# this is a stack for flow-based logging via XML
-#stack=ct1:NFCT,xml1:XML
-
-# this is a stack for logging in XML
-#stack=log1:NFLOG,xml1:XML
-
-# this is a stack for accounting-based logging via XML
-#stack=acct1:NFACCT,xml1:XML
-
-# this is a stack for accounting-based logging to a Graphite server
-#stack=acct1:NFACCT,graphite1:GRAPHITE
-
-# this is a stack for NFLOG packet-based logging to PCAP
-#stack=log2:NFLOG,base1:BASE,pcap1:PCAP
-
-# this is a stack for logging packet to MySQL
-#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2bin1:IP2BIN,mac2str1:HWHDR,mysql1:MYSQL
-
-# this is a stack for logging packet to PGsql after a collect via NFLOG
-#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,mac2str1:HWHDR,pgsql1:PGSQL
-
-# this is a stack for logging packet to JSON formatted file after a collect via NFLOG
-#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,mac2str1:HWHDR,json1:JSON
-
-# this is a stack for logging packets to syslog after a collect via NFLOG
-#stack=log3:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,sys1:SYSLOG
-
-# this is a stack for logging packets to syslog after a collect via NuFW
-#stack=nuauth1:UNIXSOCK,base1:BASE,ip2str1:IP2STR,print1:PRINTPKT,sys1:SYSLOG
-
-# this is a stack for flow-based logging to MySQL
-#stack=ct1:NFCT,ip2bin1:IP2BIN,mysql2:MYSQL
-
-# this is a stack for flow-based logging to PGSQL
-#stack=ct1:NFCT,ip2str1:IP2STR,pgsql2:PGSQL
-
-# this is a stack for flow-based logging to PGSQL without local hash
-#stack=ct1:NFCT,ip2str1:IP2STR,pgsql3:PGSQL
-
-# this is a stack for flow-based logging to SQLITE3
-#stack=ct1:NFCT,sqlite3_ct:SQLITE3
-
-# this is a stack for logging packet to SQLITE3
-#stack=log1:NFLOG,sqlite3_pkt:SQLITE3
-
-# this is a stack for flow-based logging in NACCT compatible format
-#stack=ct1:NFCT,ip2str1:IP2STR,nacct1:NACCT
-
-# this is a stack for accounting-based logging via GPRINT
-#stack=acct1:NFACCT,gp1:GPRINT
-
-[ct1]
-#netlink_socket_buffer_size=217088
-#netlink_socket_buffer_maxsize=1085440
-#netlink_resync_timeout=60 # seconds to wait to perform resynchronization
-#pollinterval=10 # use poll-based logging instead of event-driven
-# If pollinterval is not set, NFCT plugin will work in event mode
-# In this case, you can use the following filters on events:
-#accept_src_filter=192.168.1.0/24,1:2::/64 # source ip of connection must belong to these networks
-#accept_dst_filter=192.168.1.0/24 # destination ip of connection must belong to these networks
-#accept_proto_filter=tcp,sctp # layer 4 proto of connections
-
-[ct2]
-#netlink_socket_buffer_size=217088
-#netlink_socket_buffer_maxsize=1085440
-#reliable=1 # enable reliable flow-based logging (may drop packets)
-hash_enable=0
-
-# Logging of system packet through NFLOG
-[log1]
-# netlink multicast group (the same as the iptables --nflog-group param)
-# Group O is used by the kernel to log connection tracking invalid message
-group=0
-#netlink_socket_buffer_size=217088
-#netlink_socket_buffer_maxsize=1085440
-# set number of packet to queue inside kernel
-#netlink_qthreshold=1
-# set the delay before flushing packet in the queue inside kernel (in 10ms)
-#netlink_qtimeout=100
-
-# packet logging through NFLOG for group 1
-[log2]
-# netlink multicast group (the same as the iptables --nflog-group param)
-group=1 # Group has to be different from the one use in log1
-#netlink_socket_buffer_size=217088
-#netlink_socket_buffer_maxsize=1085440
-# If your kernel is older than 2.6.29 and if a NFLOG input plugin with
-# group 0 is not used by any stack, you need to have at least one NFLOG
-# input plugin with bind set to 1. If you don't do that you may not
-# receive any message from the kernel.
-#bind=1
-
-# packet logging through NFLOG for group 2, numeric_label is
-# set to 1
-[log3]
-# netlink multicast group (the same as the iptables --nflog-group param)
-group=2 # Group has to be different from the one use in log1/log2
-numeric_label=1 # you can label the log info based on the packet verdict
-#netlink_socket_buffer_size=217088
-#netlink_socket_buffer_maxsize=1085440
-#bind=1
-
-[ulog1]
-# netlink multicast group (the same as the iptables --ulog-nlgroup param)
-nlgroup=1
-#numeric_label=0 # optional argument
-
-[nuauth1]
-socket_path="/run/nuauth_ulogd2.sock"
-
-[emu1]
-file="/var/log/ulogd/ulogd_syslogemu.log"
-sync=1
-
-[op1]
-file="/var/log/ulogd/ulogd_oprint.log"
-sync=1
-
-[gp1]
-file="/var/log/ulogd/ulogd_gprint.log"
-sync=1
-timestamp=1
-
-[xml1]
-directory="/var/log/ulogd/"
-sync=1
-
-[json1]
-sync=1
-#file="/var/log/ulogd/ulogd.json"
-#timestamp=0
-# device name to be used in JSON message
-#device="My awesome Netfilter firewall"
-# If boolean_label is set to 1 then the numeric_label put on packet
-# by the input plugin is coding the action on packet: if 0, then
-# packet has been blocked and if non null it has been accepted.
-#boolean_label=1
-# Uncomment the following line to use JSON v1 event format that
-# can provide better compatility with some JSON file reader.
-#eventv1=1
-
-[pcap1]
-#default file is /var/log/ulogd/ulogd.pcap
-#file="/var/log/ulogd/ulogd.pcap"
-sync=1
-
-[mysql1]
-db="nulog"
-host="localhost"
-user="nupik"
-table="ulog"
-pass="changeme"
-procedure="INSERT_PACKET_FULL"
-# backlog configuration:
-# set backlog_memcap to the size of memory that will be
-# allocated to store events in memory if data is temporary down
-# and insert them when the database came back.
-#backlog_memcap=1000000
-# number of events to insert at once when backlog is not empty
-#backlog_oneshot_requests=10
-
-[mysql2]
-db="nulog"
-host="localhost"
-user="nupik"
-table="conntrack"
-pass="changeme"
-procedure="INSERT_CT"
-
-[pgsql1]
-db="nulog"
-host="localhost"
-user="nupik"
-table="ulog"
-#schema="public"
-pass="changeme"
-procedure="INSERT_PACKET_FULL"
-# connstring can be used to define PostgreSQL connection string which
-# contains all parameters of the connection. If set, this value has
-# precedence on other variables used to build the connection string.
-# See http://www.postgresql.org/docs/9.2/static/libpq-connect.html#LIBPQ-CONNSTRING
-# for a complete description of options.
-#connstring="host=localhost port=4321 dbname=nulog user=nupik password=changeme"
-#backlog_memcap=1000000
-#backlog_oneshot_requests=10
-# If superior to 1 a thread dedicated to SQL request execution
-# is created. The value stores the number of SQL request to keep
-# in the ring buffer
-#ring_buffer_size=1000
-
-[pgsql2]
-db="nulog"
-host="localhost"
-user="nupik"
-table="ulog2_ct"
-#schema="public"
-pass="changeme"
-procedure="INSERT_CT"
-
-[pgsql3]
-db="nulog"
-host="localhost"
-user="nupik"
-table="ulog2_ct"
-#schema="public"
-pass="changeme"
-procedure="INSERT_OR_REPLACE_CT"
-
-[pgsql4]
-db="nulog"
-host="localhost"
-user="nupik"
-table="nfacct"
-#schema="public"
-pass="changeme"
-procedure="INSERT_NFACCT"
-
-[dbi1]
-db="ulog2"
-dbtype="pgsql"
-host="localhost"
-user="ulog2"
-table="ulog"
-pass="ulog2"
-procedure="INSERT_PACKET_FULL"
-
-[sqlite3_ct]
-table="ulog_ct"
-db="/var/log/ulogd/ulogd.sqlite3db"
-
-[sqlite3_pkt]
-table="ulog_pkt"
-db="/var/log/ulogd/ulogd.sqlite3db"
-
-[sys2]
-facility=LOG_LOCAL2
-
-[nacct1]
-sync = 1
-#file = /var/log/ulogd/ulogd_nacct.log
-
-[mark1]
-mark = 1
-
-[acct1]
-pollinterval = 2
-# If set to 0, we don't reset the counters for each polling (default is 1).
-#zerocounter = 0
-# Set timestamp (default is 0, which means not set). This timestamp can be
-# interpreted by the output plugin.
-#timestamp = 1
-
-[graphite1]
-host="127.0.0.1"
-port="2003"
-# Prefix of data name sent to graphite server
-prefix="netfilter.nfacct"
mkdir -p './udev/hwdb.d'
mkdir -p './unixODBC/ODBCDataSources'
maybe chmod 0755 '.'
-maybe chmod 0644 '._cfg0000_inittab'
-maybe chgrp 'ulogd' '._cfg0000_ulogd.conf'
-maybe chmod 0640 '._cfg0000_ulogd.conf'
maybe chmod 0700 '.etckeeper'
maybe chmod 0644 '.gitignore'
maybe chmod 0755 '.java'
maybe chmod 0644 'apache2/info_users_passwd'
maybe chmod 0644 'apache2/magic'
maybe chmod 0755 'apache2/modules.d'
-maybe chmod 0644 'apache2/modules.d/._cfg0000_00_apache_manual.conf'
maybe chmod 0644 'apache2/modules.d/.keep_dev-vcs_subversion-0'
maybe chmod 0644 'apache2/modules.d/.keep_www-servers_apache-2'
maybe chmod 0644 'apache2/modules.d/00_apache_manual.conf'
maybe chmod 0644 'config-archive/etc/apache2/modules.d/00_apache_manual.conf.6'
maybe chmod 0644 'config-archive/etc/apache2/modules.d/00_apache_manual.conf.7'
maybe chmod 0644 'config-archive/etc/apache2/modules.d/00_apache_manual.conf.8'
+maybe chmod 0644 'config-archive/etc/apache2/modules.d/00_apache_manual.conf.9'
maybe chmod 0644 'config-archive/etc/apache2/modules.d/00_apache_manual.conf.dist'
maybe chmod 0644 'config-archive/etc/apache2/modules.d/00_default_settings.conf'
maybe chmod 0644 'config-archive/etc/apache2/modules.d/00_default_settings.conf.1'
maybe chmod 0755 'config-archive/etc/init.d/urandom.dist'
maybe chmod 0644 'config-archive/etc/inittab'
maybe chmod 0644 'config-archive/etc/inittab.1'
+maybe chmod 0644 'config-archive/etc/inittab.2'
maybe chmod 0644 'config-archive/etc/inittab.dist'
maybe chmod 0755 'config-archive/etc/layman'
maybe chmod 0644 'config-archive/etc/layman/layman.cfg'
maybe chmod 0644 'config-archive/etc/logrotate.conf.dist'
maybe chmod 0755 'config-archive/etc/logrotate.d'
maybe chmod 0644 'config-archive/etc/logrotate.d/clamav'
+maybe chmod 0644 'config-archive/etc/logrotate.d/clamav.1'
maybe chmod 0644 'config-archive/etc/logrotate.d/clamav.dist'
+maybe chmod 0644 'config-archive/etc/logrotate.d/clamav.dist.new'
maybe chmod 0644 'config-archive/etc/logrotate.d/fail2ban'
maybe chmod 0644 'config-archive/etc/logrotate.d/fail2ban.dist.new'
maybe chmod 0644 'config-archive/etc/logrotate.d/openrc'
maybe chmod 0640 'config-archive/etc/ulogd.conf'
maybe chmod 0640 'config-archive/etc/ulogd.conf.1'
maybe chmod 0640 'config-archive/etc/ulogd.conf.2'
+maybe chmod 0640 'config-archive/etc/ulogd.conf.3'
maybe chmod 0640 'config-archive/etc/ulogd.conf.dist'
maybe chmod 0755 'config-archive/usr'
maybe chmod 0755 'config-archive/usr/share'
maybe chmod 0644 'logrotate.conf'
maybe chmod 0644 'logrotate.conf.orig'
maybe chmod 0755 'logrotate.d'
-maybe chmod 0644 'logrotate.d/._cfg0000_clamav'
maybe chmod 0644 'logrotate.d/.keep_app-admin_logrotate-0'
maybe chmod 0644 'logrotate.d/apache2'
maybe chmod 0644 'logrotate.d/clamav'
+++ /dev/null
-# Provide access to the documentation on your server as
-# http://yourserver.example.com/manual/
-# The documentation is always available at
-# http://httpd.apache.org/docs/2.4/
-<IfModule negotiation_module>
-<IfModule setenvif_module>
-<IfDefine MANUAL>
-AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.4.20/manual$1"
-
-<Directory "/usr/share/doc/apache-2.4.20/manual">
- Options Indexes
- AllowOverride None
- Require all granted
-
- <Files *.html>
- SetHandler type-map
- </Files>
-
- SetEnvIf Request_URI ^/manual/(de|en|es|fr|ja|ko|pt-br)/ prefer-language=$1
- RedirectMatch 301 ^/manual(?:/(de|en|es|fr|ja|ko|pt-br)){2,}(/.*)?$ /manual/$1$2
-
- LanguagePriority en de es fr ja ko pt-br
- ForceLanguagePriority Prefer Fallback
-</Directory>
-</IfDefine>
-</IfModule>
-</IfModule>
-
-# vim: ts=4 filetype=apache
<IfModule negotiation_module>
<IfModule setenvif_module>
<IfDefine MANUAL>
-AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.4.18/manual$1"
+AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.4.20/manual$1"
-<Directory "/usr/share/doc/apache-2.4.18/manual">
+<Directory "/usr/share/doc/apache-2.4.20/manual">
Options Indexes
AllowOverride None
Require all granted
# Provide access to the documentation on your server as
# http://yourserver.example.com/manual/
# The documentation is always available at
-# http://httpd.apache.org/docs/2.2/
+# http://httpd.apache.org/docs/2.4/
<IfModule negotiation_module>
<IfModule setenvif_module>
<IfDefine MANUAL>
-AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.2.31/manual$1"
+AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.4.18/manual$1"
-<Directory "/usr/share/doc/apache-2.2.31/manual">
+<Directory "/usr/share/doc/apache-2.4.18/manual">
Options Indexes
AllowOverride None
- Order allow,deny
- Allow from all
+ Require all granted
<Files *.html>
SetHandler type-map
<IfModule negotiation_module>
<IfModule setenvif_module>
<IfDefine MANUAL>
-AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.2.29/manual$1"
+AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.2.31/manual$1"
-<Directory "/usr/share/doc/apache-2.2.29/manual">
+<Directory "/usr/share/doc/apache-2.2.31/manual">
Options Indexes
AllowOverride None
Order allow,deny
<IfModule negotiation_module>
<IfModule setenvif_module>
<IfDefine MANUAL>
-AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.2.27-r4/manual$1"
+AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.2.29/manual$1"
-<Directory "/usr/share/doc/apache-2.2.27-r4/manual">
+<Directory "/usr/share/doc/apache-2.2.29/manual">
Options Indexes
AllowOverride None
Order allow,deny
# http://yourserver.example.com/manual/
# The documentation is always available at
# http://httpd.apache.org/docs/2.2/
+<IfModule negotiation_module>
+<IfModule setenvif_module>
<IfDefine MANUAL>
-AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.2.27/manual$1"
+AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.2.27-r4/manual$1"
-<Directory "/usr/share/doc/apache-2.2.27/manual">
+<Directory "/usr/share/doc/apache-2.2.27-r4/manual">
Options Indexes
AllowOverride None
Order allow,deny
ForceLanguagePriority Prefer Fallback
</Directory>
</IfDefine>
+</IfModule>
+</IfModule>
# vim: ts=4 filetype=apache
# The documentation is always available at
# http://httpd.apache.org/docs/2.2/
<IfDefine MANUAL>
-AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.2.25/manual$1"
+AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.2.27/manual$1"
-<Directory "/usr/share/doc/apache-2.2.25/manual">
+<Directory "/usr/share/doc/apache-2.2.27/manual">
Options Indexes
AllowOverride None
Order allow,deny
# The documentation is always available at
# http://httpd.apache.org/docs/2.2/
<IfDefine MANUAL>
-AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.2.24/manual$1"
+AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.2.25/manual$1"
-<Directory "/usr/share/doc/apache-2.2.24/manual">
+<Directory "/usr/share/doc/apache-2.2.25/manual">
Options Indexes
AllowOverride None
Order allow,deny
# The documentation is always available at
# http://httpd.apache.org/docs/2.2/
<IfDefine MANUAL>
-AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.2.23/manual$1"
+AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.2.24/manual$1"
-<Directory "/usr/share/doc/apache-2.2.23/manual">
+<Directory "/usr/share/doc/apache-2.2.24/manual">
Options Indexes
AllowOverride None
Order allow,deny
# The documentation is always available at
# http://httpd.apache.org/docs/2.2/
<IfDefine MANUAL>
-AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.2.22/manual$1"
+AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.2.23/manual$1"
-<Directory "/usr/share/doc/apache-2.2.22/manual">
+<Directory "/usr/share/doc/apache-2.2.23/manual">
Options Indexes
AllowOverride None
Order allow,deny
SetEnvIf Request_URI ^/manual/(de|en|es|fr|ja|ko|pt-br)/ prefer-language=$1
RedirectMatch 301 ^/manual(?:/(de|en|es|fr|ja|ko|pt-br)){2,}(/.*)?$ /manual/$1$2
- LanguagePriority en de es fr ja ko pt-br
+ LanguagePriority de en es fr ja ko pt-br
ForceLanguagePriority Prefer Fallback
</Directory>
</IfDefine>
# The documentation is always available at
# http://httpd.apache.org/docs/2.2/
<IfDefine MANUAL>
-AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.2.21-r1/manual$1"
+AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.2.22/manual$1"
-<Directory "/usr/share/doc/apache-2.2.21-r1/manual">
+<Directory "/usr/share/doc/apache-2.2.22/manual">
Options Indexes
AllowOverride None
Order allow,deny
--- /dev/null
+# Provide access to the documentation on your server as
+# http://yourserver.example.com/manual/
+# The documentation is always available at
+# http://httpd.apache.org/docs/2.2/
+<IfDefine MANUAL>
+AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.2.21-r1/manual$1"
+
+<Directory "/usr/share/doc/apache-2.2.21-r1/manual">
+ Options Indexes
+ AllowOverride None
+ Order allow,deny
+ Allow from all
+
+ <Files *.html>
+ SetHandler type-map
+ </Files>
+
+ SetEnvIf Request_URI ^/manual/(de|en|es|fr|ja|ko|pt-br)/ prefer-language=$1
+ RedirectMatch 301 ^/manual(?:/(de|en|es|fr|ja|ko|pt-br)){2,}(/.*)?$ /manual/$1$2
+
+ LanguagePriority en de es fr ja ko pt-br
+ ForceLanguagePriority Prefer Fallback
+</Directory>
+</IfDefine>
+
+# vim: ts=4 filetype=apache
<IfModule negotiation_module>
<IfModule setenvif_module>
<IfDefine MANUAL>
-AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.4.18/manual$1"
+AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.4.20/manual$1"
-<Directory "/usr/share/doc/apache-2.4.18/manual">
+<Directory "/usr/share/doc/apache-2.4.20/manual">
Options Indexes
AllowOverride None
Require all granted
# Modified by: Mike Frysinger, <vapier@gentoo.org>
# Modified by: Robin H. Johnson, <robbat2@gentoo.org>
#
-# $Header: /var/cvsroot/gentoo-x86/sys-apps/sysvinit/files/inittab-2.87,v 1.1 2010/01/08 16:55:07 williamh Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-apps/sysvinit/files/inittab-2.87,v 1.2 2013/04/20 03:51:26 vapier Exp $
# Default runlevel.
id:3:initdefault:
c6:2345:respawn:/sbin/agetty 38400 tty6 linux
# SERIAL CONSOLES
-#s0:12345:respawn:/sbin/agetty 115200 ttyS0 vt100
-#s1:12345:respawn:/sbin/agetty 115200 ttyS1 vt100
+#s0:12345:respawn:/sbin/agetty -L 115200 ttyS0 vt100
+#s1:12345:respawn:/sbin/agetty -L 115200 ttyS1 vt100
# What to do at the "Three Finger Salute".
ca:12345:ctrlaltdel:/sbin/shutdown -r now
# extra at boot if /etc/init.d/xdm is not added
# to the "default" runlevel.
x:a:once:/etc/X11/startDM.sh
-
c6:2345:respawn:/sbin/agetty 38400 tty6 linux
# SERIAL CONSOLES
-#s0:12345:respawn:/sbin/agetty 9600 ttyS0 vt100
-#s1:12345:respawn:/sbin/agetty 9600 ttyS1 vt100
+#s0:12345:respawn:/sbin/agetty 115200 ttyS0 vt100
+#s1:12345:respawn:/sbin/agetty 115200 ttyS1 vt100
# What to do at the "Three Finger Salute".
ca:12345:ctrlaltdel:/sbin/shutdown -r now
--- /dev/null
+#
+# /etc/inittab: This file describes how the INIT process should set up
+# the system in a certain run-level.
+#
+# Author: Miquel van Smoorenburg, <miquels@cistron.nl>
+# Modified by: Patrick J. Volkerding, <volkerdi@ftp.cdrom.com>
+# Modified by: Daniel Robbins, <drobbins@gentoo.org>
+# Modified by: Martin Schlemmer, <azarah@gentoo.org>
+# Modified by: Mike Frysinger, <vapier@gentoo.org>
+# Modified by: Robin H. Johnson, <robbat2@gentoo.org>
+#
+# $Header: /var/cvsroot/gentoo-x86/sys-apps/sysvinit/files/inittab-2.87,v 1.1 2010/01/08 16:55:07 williamh Exp $
+
+# Default runlevel.
+id:3:initdefault:
+
+# System initialization, mount local filesystems, etc.
+si::sysinit:/sbin/rc sysinit
+
+# Further system initialization, brings up the boot runlevel.
+rc::bootwait:/sbin/rc boot
+
+l0:0:wait:/sbin/rc shutdown
+l0s:0:wait:/sbin/halt -dhp
+l1:1:wait:/sbin/rc single
+l2:2:wait:/sbin/rc nonetwork
+l3:3:wait:/sbin/rc default
+l4:4:wait:/sbin/rc default
+l5:5:wait:/sbin/rc default
+l6:6:wait:/sbin/rc reboot
+l6r:6:wait:/sbin/reboot -dk
+#z6:6:respawn:/sbin/sulogin
+
+# new-style single-user
+su0:S:wait:/sbin/rc single
+su1:S:wait:/sbin/sulogin
+
+# TERMINALS
+c1:12345:respawn:/sbin/agetty --noclear 38400 tty1 linux
+c2:2345:respawn:/sbin/agetty 38400 tty2 linux
+c3:2345:respawn:/sbin/agetty 38400 tty3 linux
+c4:2345:respawn:/sbin/agetty 38400 tty4 linux
+c5:2345:respawn:/sbin/agetty 38400 tty5 linux
+c6:2345:respawn:/sbin/agetty 38400 tty6 linux
+
+# SERIAL CONSOLES
+#s0:12345:respawn:/sbin/agetty 9600 ttyS0 vt100
+#s1:12345:respawn:/sbin/agetty 9600 ttyS1 vt100
+
+# What to do at the "Three Finger Salute".
+ca:12345:ctrlaltdel:/sbin/shutdown -r now
+
+# Used by /etc/init.d/xdm to control DM startup.
+# Read the comments in /etc/init.d/xdm for more
+# info. Do NOT remove, as this will start nothing
+# extra at boot if /etc/init.d/xdm is not added
+# to the "default" runlevel.
+x:a:once:/etc/X11/startDM.sh
+
# Modified by: Martin Schlemmer, <azarah@gentoo.org>
# Modified by: Mike Frysinger, <vapier@gentoo.org>
# Modified by: Robin H. Johnson, <robbat2@gentoo.org>
+# Modified by: William Hubbs, <williamh@gentoo.org>
#
-# $Header: /var/cvsroot/gentoo-x86/sys-apps/sysvinit/files/inittab-2.87,v 1.2 2013/04/20 03:51:26 vapier Exp $
+# $Id$
# Default runlevel.
id:3:initdefault:
# System initialization, mount local filesystems, etc.
-si::sysinit:/sbin/rc sysinit
+si::sysinit:/sbin/openrc sysinit
# Further system initialization, brings up the boot runlevel.
-rc::bootwait:/sbin/rc boot
-
-l0:0:wait:/sbin/rc shutdown
-l0s:0:wait:/sbin/halt -dhp
-l1:1:wait:/sbin/rc single
-l2:2:wait:/sbin/rc nonetwork
-l3:3:wait:/sbin/rc default
-l4:4:wait:/sbin/rc default
-l5:5:wait:/sbin/rc default
-l6:6:wait:/sbin/rc reboot
-l6r:6:wait:/sbin/reboot -dk
+rc::bootwait:/sbin/openrc boot
+
+l0:0:wait:/sbin/openrc shutdown
+l0s:0:wait:/sbin/halt -dhnp
+l1:1:wait:/sbin/openrc single
+l2:2:wait:/sbin/openrc nonetwork
+l3:3:wait:/sbin/openrc default
+l4:4:wait:/sbin/openrc default
+l5:5:wait:/sbin/openrc default
+l6:6:wait:/sbin/openrc reboot
+l6r:6:wait:/sbin/reboot -dkn
#z6:6:respawn:/sbin/sulogin
# new-style single-user
-su0:S:wait:/sbin/rc single
+su0:S:wait:/sbin/openrc single
su1:S:wait:/sbin/sulogin
# TERMINALS
+#x1:12345:respawn:/sbin/agetty 38400 console linux
c1:12345:respawn:/sbin/agetty 38400 tty1 linux
c2:2345:respawn:/sbin/agetty 38400 tty2 linux
c3:2345:respawn:/sbin/agetty 38400 tty3 linux
/var/log/clamav/clamd.log {
+ #su clamav clamav
+ rotate 5
missingok
+ size +1024m
+ compress
+ delaycompress
postrotate
/etc/init.d/clamd logfix
/bin/kill -HUP `cat /var/run/clamav/clamd.pid 2> /dev/null` 2>/dev/null || true
}
/var/log/clamav/freshclam.log {
+ #su clamav clamav
+ rotate 5
missingok
+ size +1024m
+ compress
+ delaycompress
postrotate
/etc/init.d/clamd logfix
/bin/kill -HUP `cat /var/run/clamav/freshclam.pid 2> /dev/null` 2>/dev/null || true
endscript
}
-
-# vim: ts=4 filetype=conf
--- /dev/null
+/var/log/clamav/clamd.log {
+ missingok
+ postrotate
+ /etc/init.d/clamd logfix
+ /bin/kill -HUP `cat /var/run/clamav/clamd.pid 2> /dev/null` 2>/dev/null || true
+ endscript
+}
+
+/var/log/clamav/freshclam.log {
+ missingok
+ postrotate
+ /etc/init.d/clamd logfix
+ /bin/kill -HUP `cat /var/run/clamav/freshclam.pid 2> /dev/null` 2>/dev/null || true
+ endscript
+}
+
+# vim: ts=4 filetype=conf
--- /dev/null
+/var/log/clamav/clamd.log {
+ su clamav clamav
+ missingok
+ postrotate
+ /etc/init.d/clamd logfix
+ /bin/kill -HUP `cat /var/run/clamav/clamd.pid 2> /dev/null` 2>/dev/null || true
+ endscript
+}
+
+/var/log/clamav/freshclam.log {
+ su clamav clamav
+ missingok
+ postrotate
+ /etc/init.d/clamd logfix
+ /bin/kill -HUP `cat /var/run/clamav/freshclam.pid 2> /dev/null` 2>/dev/null || true
+ endscript
+}
plugin="/usr/lib64/ulogd/ulogd_raw2packet_BASE.so"
plugin="/usr/lib64/ulogd/ulogd_inpflow_NFACCT.so"
plugin="/usr/lib64/ulogd/ulogd_output_GRAPHITE.so"
+#plugin="/usr/lib64/ulogd/ulogd_output_JSON.so"
# this is a stack for logging packet send by system via LOGEMU
stack=log1:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
# this is a stack for logging packet to PGsql after a collect via NFLOG
#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,mac2str1:HWHDR,pgsql1:PGSQL
+# this is a stack for logging packet to JSON formatted file after a collect via NFLOG
+#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,mac2str1:HWHDR,json1:JSON
+
# this is a stack for logging packets to syslog after a collect via NFLOG
#stack=log3:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,sys1:SYSLOG
directory="/var/log/ulogd/"
sync=1
+[json1]
+sync=1
+#file="/var/log/ulogd/ulogd.json"
+#timestamp=0
+# device name to be used in JSON message
+#device="My awesome Netfilter firewall"
+# If boolean_label is set to 1 then the numeric_label put on packet
+# by the input plugin is coding the action on packet: if 0, then
+# packet has been blocked and if non null it has been accepted.
+#boolean_label=1
+
[pcap1]
#default file is /var/log/ulogd/ulogd.pcap
#file="/var/log/ulogd/ulogd.pcap"
[pcap1]
#default file is /var/log/ulogd/ulogd.pcap
-#file=/var/log/ulogd/ulogd.pcap
+#file="/var/log/ulogd/ulogd.pcap"
sync=1
[mysql1]
table="ulog"
pass="changeme"
procedure="INSERT_PACKET_FULL"
+# backlog configuration:
+# set backlog_memcap to the size of memory that will be
+# allocated to store events in memory if data is temporary down
+# and insert them when the database came back.
+#backlog_memcap=1000000
+# number of events to insert at once when backlog is not empty
+#backlog_oneshot_requests=10
[mysql2]
db="nulog"
#schema="public"
pass="changeme"
procedure="INSERT_PACKET_FULL"
+# connstring can be used to define PostgreSQL connection string which
+# contains all parameters of the connection. If set, this value has
+# precedence on other variables used to build the connection string.
+# See http://www.postgresql.org/docs/9.2/static/libpq-connect.html#LIBPQ-CONNSTRING
+# for a complete description of options.
+#connstring="host=localhost port=4321 dbname=nulog user=nupik password=changeme"
+#backlog_memcap=1000000
+#backlog_oneshot_requests=10
+# If superior to 1 a thread dedicated to SQL request execution
+# is created. The value stores the number of SQL request to keep
+# in the ring buffer
+#ring_buffer_size=1000
[pgsql2]
db="nulog"
# Example configuration for ulogd
-# $Id$
# Adapted to Debian by Achilleas Kotsis <achille@debian.gr>
[global]
# logfile for status messages
logfile="/var/log/ulogd/ulogd.log"
-# loglevel: debug(1), info(3), notice(5), error(7) or fatal(8)
+# loglevel: debug(1), info(3), notice(5), error(7) or fatal(8) (default 5)
loglevel=3
######################################################################
plugin="/usr/lib64/ulogd/ulogd_inppkt_NFLOG.so"
plugin="/usr/lib64/ulogd/ulogd_inppkt_ULOG.so"
+#plugin="/usr/lib64/ulogd/ulogd_inppkt_UNIXSOCK.so"
plugin="/usr/lib64/ulogd/ulogd_inpflow_NFCT.so"
plugin="/usr/lib64/ulogd/ulogd_filter_IFINDEX.so"
plugin="/usr/lib64/ulogd/ulogd_filter_IP2STR.so"
plugin="/usr/lib64/ulogd/ulogd_filter_IP2BIN.so"
+#plugin="/usr/lib64/ulogd/ulogd_filter_IP2HBIN.so"
plugin="/usr/lib64/ulogd/ulogd_filter_PRINTPKT.so"
plugin="/usr/lib64/ulogd/ulogd_filter_HWHDR.so"
plugin="/usr/lib64/ulogd/ulogd_filter_PRINTFLOW.so"
plugin="/usr/lib64/ulogd/ulogd_output_LOGEMU.so"
plugin="/usr/lib64/ulogd/ulogd_output_SYSLOG.so"
plugin="/usr/lib64/ulogd/ulogd_output_XML.so"
-#plugin="/usr/lib64/ulogd/ulogd_output_OPRINT.so"
+#plugin="/usr/lib64/ulogd/ulogd_output_SQLITE3.so"
+plugin="/usr/lib64/ulogd/ulogd_output_GPRINT.so"
#plugin="/usr/lib64/ulogd/ulogd_output_NACCT.so"
#plugin="/usr/lib64/ulogd/ulogd_output_PCAP.so"
#plugin="/usr/lib64/ulogd/ulogd_output_PGSQL.so"
#plugin="/usr/lib64/ulogd/ulogd_output_MYSQL.so"
#plugin="/usr/lib64/ulogd/ulogd_output_DBI.so"
plugin="/usr/lib64/ulogd/ulogd_raw2packet_BASE.so"
+plugin="/usr/lib64/ulogd/ulogd_inpflow_NFACCT.so"
+plugin="/usr/lib64/ulogd/ulogd_output_GRAPHITE.so"
# this is a stack for logging packet send by system via LOGEMU
stack=log1:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
# this is a stack for packet-based logging via LOGEMU with filtering on MARK
#stack=log2:NFLOG,mark1:MARK,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
+# this is a stack for packet-based logging via GPRINT
+#stack=log1:NFLOG,gp1:GPRINT
+
# this is a stack for flow-based logging via LOGEMU
#stack=ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,emu1:LOGEMU
-# this is a stack for flow-based logging via OPRINT
-#stack=ct1:NFCT,op1:OPRINT
+# this is a stack for flow-based logging via GPRINT
+#stack=ct1:NFCT,gp1:GPRINT
# this is a stack for flow-based logging via XML
#stack=ct1:NFCT,xml1:XML
# this is a stack for logging in XML
#stack=log1:NFLOG,xml1:XML
+# this is a stack for accounting-based logging via XML
+#stack=acct1:NFACCT,xml1:XML
+
+# this is a stack for accounting-based logging to a Graphite server
+#stack=acct1:NFACCT,graphite1:GRAPHITE
+
# this is a stack for NFLOG packet-based logging to PCAP
#stack=log2:NFLOG,base1:BASE,pcap1:PCAP
# this is a stack for logging packets to syslog after a collect via NFLOG
#stack=log3:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,sys1:SYSLOG
+# this is a stack for logging packets to syslog after a collect via NuFW
+#stack=nuauth1:UNIXSOCK,base1:BASE,ip2str1:IP2STR,print1:PRINTPKT,sys1:SYSLOG
+
# this is a stack for flow-based logging to MySQL
#stack=ct1:NFCT,ip2bin1:IP2BIN,mysql2:MYSQL
# this is a stack for flow-based logging to PGSQL without local hash
#stack=ct1:NFCT,ip2str1:IP2STR,pgsql3:PGSQL
+# this is a stack for flow-based logging to SQLITE3
+#stack=ct1:NFCT,sqlite3_ct:SQLITE3
+
+# this is a stack for logging packet to SQLITE3
+#stack=log1:NFLOG,sqlite3_pkt:SQLITE3
# this is a stack for flow-based logging in NACCT compatible format
#stack=ct1:NFCT,ip2str1:IP2STR,nacct1:NACCT
+# this is a stack for accounting-based logging via GPRINT
+#stack=acct1:NFACCT,gp1:GPRINT
+
[ct1]
#netlink_socket_buffer_size=217088
#netlink_socket_buffer_maxsize=1085440
#netlink_resync_timeout=60 # seconds to wait to perform resynchronization
#pollinterval=10 # use poll-based logging instead of event-driven
+# If pollinterval is not set, NFCT plugin will work in event mode
+# In this case, you can use the following filters on events:
+#accept_src_filter=192.168.1.0/24,1:2::/64 # source ip of connection must belong to these networks
+#accept_dst_filter=192.168.1.0/24 # destination ip of connection must belong to these networks
+#accept_proto_filter=tcp,sctp # layer 4 proto of connections
[ct2]
#netlink_socket_buffer_size=217088
#netlink_socket_buffer_maxsize=1085440
+#reliable=1 # enable reliable flow-based logging (may drop packets)
hash_enable=0
# Logging of system packet through NFLOG
nlgroup=1
#numeric_label=0 # optional argument
+[nuauth1]
+socket_path="/run/nuauth_ulogd2.sock"
+
[emu1]
file="/var/log/ulogd/syslogemu.log"
sync=1
file="/var/log/ulogd/oprint.log"
sync=1
+[gp1]
+file="/var/log/ulogd/ulogd_gprint.log"
+sync=1
+timestamp=1
+
[xml1]
directory="/var/log/ulogd/"
sync=1
[pcap1]
+#default file is /var/log/ulogd/ulogd.pcap
+#file=/var/log/ulogd/ulogd.pcap
sync=1
[mysql1]
db="nulog"
host="localhost"
user="nupik"
-table="ulog"
+table="conntrack"
pass="changeme"
procedure="INSERT_CT"
host="localhost"
user="nupik"
table="ulog"
+#schema="public"
pass="changeme"
procedure="INSERT_PACKET_FULL"
host="localhost"
user="nupik"
table="ulog2_ct"
+#schema="public"
pass="changeme"
procedure="INSERT_CT"
host="localhost"
user="nupik"
table="ulog2_ct"
+#schema="public"
pass="changeme"
procedure="INSERT_OR_REPLACE_CT"
+[pgsql4]
+db="nulog"
+host="localhost"
+user="nupik"
+table="nfacct"
+#schema="public"
+pass="changeme"
+procedure="INSERT_NFACCT"
+
[dbi1]
db="ulog2"
dbtype="pgsql"
pass="ulog2"
procedure="INSERT_PACKET_FULL"
+[sqlite3_ct]
+table="ulog_ct"
+db="/var/log/ulogd/ulogd.sqlite3db"
+buffer=200
+
+[sqlite3_pkt]
+table="ulog_pkt"
+db="/var/log/ulogd/ulogd.sqlite3db"
+buffer=200
+
[sys2]
facility=LOG_LOCAL2
[nacct1]
sync = 1
+#file = /var/log/ulogd/ulogd_nacct.log
[mark1]
mark = 1
+
+[acct1]
+pollinterval = 2
+# If set to 0, we don't reset the counters for each polling (default is 1).
+#zerocounter = 0
+# Set timestamp (default is 0, which means not set). This timestamp can be
+# interpreted by the output plugin.
+#timestamp = 1
+
+[graphite1]
+host="127.0.0.1"
+port="2003"
+# Prefix of data name sent to graphite server
+prefix="netfilter.nfacct"
--- /dev/null
+# Example configuration for ulogd
+# $Id$
+# Adapted to Debian by Achilleas Kotsis <achille@debian.gr>
+
+[global]
+######################################################################
+# GLOBAL OPTIONS
+######################################################################
+
+
+# logfile for status messages
+logfile="/var/log/ulogd/ulogd.log"
+
+# loglevel: debug(1), info(3), notice(5), error(7) or fatal(8)
+loglevel=3
+
+######################################################################
+# PLUGIN OPTIONS
+######################################################################
+
+# We have to configure and load all the plugins we want to use
+
+# general rules:
+# 1. load the plugins _first_ from the global section
+# 2. options for each plugin in seperate section below
+
+
+plugin="/usr/lib64/ulogd/ulogd_inppkt_NFLOG.so"
+plugin="/usr/lib64/ulogd/ulogd_inppkt_ULOG.so"
+plugin="/usr/lib64/ulogd/ulogd_inpflow_NFCT.so"
+plugin="/usr/lib64/ulogd/ulogd_filter_IFINDEX.so"
+plugin="/usr/lib64/ulogd/ulogd_filter_IP2STR.so"
+plugin="/usr/lib64/ulogd/ulogd_filter_IP2BIN.so"
+plugin="/usr/lib64/ulogd/ulogd_filter_PRINTPKT.so"
+plugin="/usr/lib64/ulogd/ulogd_filter_HWHDR.so"
+plugin="/usr/lib64/ulogd/ulogd_filter_PRINTFLOW.so"
+#plugin="/usr/lib64/ulogd/ulogd_filter_MARK.so"
+plugin="/usr/lib64/ulogd/ulogd_output_LOGEMU.so"
+plugin="/usr/lib64/ulogd/ulogd_output_SYSLOG.so"
+plugin="/usr/lib64/ulogd/ulogd_output_XML.so"
+#plugin="/usr/lib64/ulogd/ulogd_output_OPRINT.so"
+#plugin="/usr/lib64/ulogd/ulogd_output_NACCT.so"
+#plugin="/usr/lib64/ulogd/ulogd_output_PCAP.so"
+#plugin="/usr/lib64/ulogd/ulogd_output_PGSQL.so"
+#plugin="/usr/lib64/ulogd/ulogd_output_MYSQL.so"
+#plugin="/usr/lib64/ulogd/ulogd_output_DBI.so"
+plugin="/usr/lib64/ulogd/ulogd_raw2packet_BASE.so"
+
+# this is a stack for logging packet send by system via LOGEMU
+stack=log1:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
+
+# this is a stack for packet-based logging via LOGEMU
+stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
+
+# this is a stack for ULOG packet-based logging via LOGEMU
+stack=ulog1:ULOG,base1:BASE,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
+
+# this is a stack for packet-based logging via LOGEMU with filtering on MARK
+#stack=log2:NFLOG,mark1:MARK,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
+
+# this is a stack for flow-based logging via LOGEMU
+#stack=ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,emu1:LOGEMU
+
+# this is a stack for flow-based logging via OPRINT
+#stack=ct1:NFCT,op1:OPRINT
+
+# this is a stack for flow-based logging via XML
+#stack=ct1:NFCT,xml1:XML
+
+# this is a stack for logging in XML
+#stack=log1:NFLOG,xml1:XML
+
+# this is a stack for NFLOG packet-based logging to PCAP
+#stack=log2:NFLOG,base1:BASE,pcap1:PCAP
+
+# this is a stack for logging packet to MySQL
+#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2bin1:IP2BIN,mac2str1:HWHDR,mysql1:MYSQL
+
+# this is a stack for logging packet to PGsql after a collect via NFLOG
+#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,mac2str1:HWHDR,pgsql1:PGSQL
+
+# this is a stack for logging packets to syslog after a collect via NFLOG
+#stack=log3:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,sys1:SYSLOG
+
+# this is a stack for flow-based logging to MySQL
+#stack=ct1:NFCT,ip2bin1:IP2BIN,mysql2:MYSQL
+
+# this is a stack for flow-based logging to PGSQL
+#stack=ct1:NFCT,ip2str1:IP2STR,pgsql2:PGSQL
+
+# this is a stack for flow-based logging to PGSQL without local hash
+#stack=ct1:NFCT,ip2str1:IP2STR,pgsql3:PGSQL
+
+
+# this is a stack for flow-based logging in NACCT compatible format
+#stack=ct1:NFCT,ip2str1:IP2STR,nacct1:NACCT
+
+[ct1]
+#netlink_socket_buffer_size=217088
+#netlink_socket_buffer_maxsize=1085440
+#netlink_resync_timeout=60 # seconds to wait to perform resynchronization
+#pollinterval=10 # use poll-based logging instead of event-driven
+
+[ct2]
+#netlink_socket_buffer_size=217088
+#netlink_socket_buffer_maxsize=1085440
+hash_enable=0
+
+# Logging of system packet through NFLOG
+[log1]
+# netlink multicast group (the same as the iptables --nflog-group param)
+# Group O is used by the kernel to log connection tracking invalid message
+group=0
+#netlink_socket_buffer_size=217088
+#netlink_socket_buffer_maxsize=1085440
+# set number of packet to queue inside kernel
+#netlink_qthreshold=1
+# set the delay before flushing packet in the queue inside kernel (in 10ms)
+#netlink_qtimeout=100
+
+# packet logging through NFLOG for group 1
+[log2]
+# netlink multicast group (the same as the iptables --nflog-group param)
+group=1 # Group has to be different from the one use in log1
+#netlink_socket_buffer_size=217088
+#netlink_socket_buffer_maxsize=1085440
+# If your kernel is older than 2.6.29 and if a NFLOG input plugin with
+# group 0 is not used by any stack, you need to have at least one NFLOG
+# input plugin with bind set to 1. If you don't do that you may not
+# receive any message from the kernel.
+#bind=1
+
+# packet logging through NFLOG for group 2, numeric_label is
+# set to 1
+[log3]
+# netlink multicast group (the same as the iptables --nflog-group param)
+group=2 # Group has to be different from the one use in log1/log2
+numeric_label=1 # you can label the log info based on the packet verdict
+#netlink_socket_buffer_size=217088
+#netlink_socket_buffer_maxsize=1085440
+#bind=1
+
+[ulog1]
+# netlink multicast group (the same as the iptables --ulog-nlgroup param)
+nlgroup=1
+#numeric_label=0 # optional argument
+
+[emu1]
+file="/var/log/ulogd/syslogemu.log"
+sync=1
+
+[op1]
+file="/var/log/ulogd/oprint.log"
+sync=1
+
+[xml1]
+directory="/var/log/ulogd/"
+sync=1
+
+[pcap1]
+sync=1
+
+[mysql1]
+db="nulog"
+host="localhost"
+user="nupik"
+table="ulog"
+pass="changeme"
+procedure="INSERT_PACKET_FULL"
+
+[mysql2]
+db="nulog"
+host="localhost"
+user="nupik"
+table="ulog"
+pass="changeme"
+procedure="INSERT_CT"
+
+[pgsql1]
+db="nulog"
+host="localhost"
+user="nupik"
+table="ulog"
+pass="changeme"
+procedure="INSERT_PACKET_FULL"
+
+[pgsql2]
+db="nulog"
+host="localhost"
+user="nupik"
+table="ulog2_ct"
+pass="changeme"
+procedure="INSERT_CT"
+
+[pgsql3]
+db="nulog"
+host="localhost"
+user="nupik"
+table="ulog2_ct"
+pass="changeme"
+procedure="INSERT_OR_REPLACE_CT"
+
+[dbi1]
+db="ulog2"
+dbtype="pgsql"
+host="localhost"
+user="ulog2"
+table="ulog"
+pass="ulog2"
+procedure="INSERT_PACKET_FULL"
+
+[sys2]
+facility=LOG_LOCAL2
+
+[nacct1]
+sync = 1
+
+[mark1]
+mark = 1
# by the input plugin is coding the action on packet: if 0, then
# packet has been blocked and if non null it has been accepted.
#boolean_label=1
+# Uncomment the following line to use JSON v1 event format that
+# can provide better compatility with some JSON file reader.
+#eventv1=1
[pcap1]
#default file is /var/log/ulogd/ulogd.pcap
[sqlite3_ct]
table="ulog_ct"
db="/var/log/ulogd/ulogd.sqlite3db"
-buffer=200
[sqlite3_pkt]
table="ulog_pkt"
db="/var/log/ulogd/ulogd.sqlite3db"
-buffer=200
[sys2]
facility=LOG_LOCAL2
# Modified by: Martin Schlemmer, <azarah@gentoo.org>
# Modified by: Mike Frysinger, <vapier@gentoo.org>
# Modified by: Robin H. Johnson, <robbat2@gentoo.org>
+# Modified by: William Hubbs, <williamh@gentoo.org>
#
-# $Header: /var/cvsroot/gentoo-x86/sys-apps/sysvinit/files/inittab-2.87,v 1.2 2013/04/20 03:51:26 vapier Exp $
+# $Id$
# Default runlevel.
id:3:initdefault:
# System initialization, mount local filesystems, etc.
-si::sysinit:/sbin/rc sysinit
+si::sysinit:/sbin/openrc sysinit
# Further system initialization, brings up the boot runlevel.
-rc::bootwait:/sbin/rc boot
-
-l0:0:wait:/sbin/rc shutdown
-l0s:0:wait:/sbin/halt -dhp
-l1:1:wait:/sbin/rc single
-l2:2:wait:/sbin/rc nonetwork
-l3:3:wait:/sbin/rc default
-l4:4:wait:/sbin/rc default
-l5:5:wait:/sbin/rc default
-l6:6:wait:/sbin/rc reboot
-l6r:6:wait:/sbin/reboot -dk
+rc::bootwait:/sbin/openrc boot
+
+l0:0:wait:/sbin/openrc shutdown
+l0s:0:wait:/sbin/halt -dhnp
+l1:1:wait:/sbin/openrc single
+l2:2:wait:/sbin/openrc nonetwork
+l3:3:wait:/sbin/openrc default
+l4:4:wait:/sbin/openrc default
+l5:5:wait:/sbin/openrc default
+l6:6:wait:/sbin/openrc reboot
+l6r:6:wait:/sbin/reboot -dkn
#z6:6:respawn:/sbin/sulogin
# new-style single-user
-su0:S:wait:/sbin/rc single
+su0:S:wait:/sbin/openrc single
su1:S:wait:/sbin/sulogin
# TERMINALS
+#x1:12345:respawn:/sbin/agetty 38400 console linux
c1:12345:respawn:/sbin/agetty --noclear 38400 tty1 linux
c2:2345:respawn:/sbin/agetty 38400 tty2 linux
c3:2345:respawn:/sbin/agetty 38400 tty3 linux
+++ /dev/null
-/var/log/clamav/clamd.log {
- su clamav clamav
- missingok
- postrotate
- /etc/init.d/clamd logfix
- /bin/kill -HUP `cat /var/run/clamav/clamd.pid 2> /dev/null` 2>/dev/null || true
- endscript
-}
-
-/var/log/clamav/freshclam.log {
- su clamav clamav
- missingok
- postrotate
- /etc/init.d/clamd logfix
- /bin/kill -HUP `cat /var/run/clamav/freshclam.pid 2> /dev/null` 2>/dev/null || true
- endscript
-}
# by the input plugin is coding the action on packet: if 0, then
# packet has been blocked and if non null it has been accepted.
#boolean_label=1
+# Uncomment the following line to use JSON v1 event format that
+# can provide better compatility with some JSON file reader.
+#eventv1=1
[pcap1]
#default file is /var/log/ulogd/ulogd.pcap
[sqlite3_ct]
table="ulog_ct"
db="/var/log/ulogd/ulogd.sqlite3db"
-buffer=200
[sqlite3_pkt]
table="ulog_pkt"
db="/var/log/ulogd/ulogd.sqlite3db"
-buffer=200
[sys2]
facility=LOG_LOCAL2
projects / config / uhu1 / etc.git / commitdiff