--- rpms/e-smith-packetfilter/sme10/e-smith-packetfilter-2.6.0bz11426-ulogd.patch	2021/03/05 04:43:29	1.2
+++ rpms/e-smith-packetfilter/sme10/e-smith-packetfilter-2.6.0bz11426-ulogd.patch	2021/03/05 06:29:37	1.6
@@ -1,7 +1,7 @@
 diff -Nur e-smith-packetfilter-2.6.0.old/createlinks e-smith-packetfilter-2.6.0/createlinks
 --- e-smith-packetfilter-2.6.0.old/createlinks	2021-03-04 16:01:39.921000000 -0500
-+++ e-smith-packetfilter-2.6.0/createlinks	2021-03-04 16:52:55.378000000 -0500
-@@ -21,18 +21,10 @@
++++ e-smith-packetfilter-2.6.0/createlinks	2021-03-05 01:25:40.537000000 -0500
+@@ -21,18 +21,12 @@
      safe_symlink("reload", "root/etc/e-smith/events/$_/services2adjust/masq");
  }
  
@@ -11,20 +11,21 @@ diff -Nur e-smith-packetfilter-2.6.0.old
 -    # But, after the bootstrap-console has had a chance to configure masq
 -    masq 	=> "36",
 -);
--
++my $event ="e-smith-packetfilter-update";
++safe_symlink("restart", "root/etc/e-smith/events/$event/services2adjust/ulogd");
++event_link("systemd-reload", $event, "89");
++event_link("systemd-default", $event, "88");
++templates2events("/etc/logrotate.d/ulogd", $event);
+ 
 -foreach my $service (keys %service2order)
 -{
 -# removed for systemd
 -#    service_link_enhanced($service, $service2order{$service}, 7);
 -}
-+my $event ="e-smith-packetfilter-update";
-+safe_symlink("restart", "root/etc/e-smith/events/$event/services2adjust/ulogd");
-+event_link("systemd-reload", $event, "89");
-+event_link("systemd-default", $event, "88");
  
  #systemd
  foreach my $target (qw(multi-user sme-server))
-@@ -41,6 +33,7 @@
+@@ -41,6 +35,7 @@
  
  foreach my $unit (qw(
          masq.service
@@ -47,17 +48,48 @@ diff -Nur e-smith-packetfilter-2.6.0.old
 +++ e-smith-packetfilter-2.6.0/root/etc/e-smith/db/configuration/force/ulogd/status	2021-03-04 16:39:04.280000000 -0500
 @@ -0,0 +1 @@
 +enabled
-diff -Nur e-smith-packetfilter-2.6.0.old/root/etc/e-smith/templates/etc/ulogd.conf/basic e-smith-packetfilter-2.6.0/root/etc/e-smith/templates/etc/ulogd.conf/basic
---- e-smith-packetfilter-2.6.0.old/root/etc/e-smith/templates/etc/ulogd.conf/basic	2008-10-07 13:36:41.000000000 -0400
-+++ e-smith-packetfilter-2.6.0/root/etc/e-smith/templates/etc/ulogd.conf/basic	2021-03-04 23:22:10.840000000 -0500
-@@ -1,12 +1,125 @@
- [global]
- nlgroup=1
--logfile=/dev/stdout
-+logfile=/var/log/iptables/ulogd.log
- loglevel=5
- rmem=131071
- bufsize=150000
+diff -Nur e-smith-packetfilter-2.6.0.old/root/etc/e-smith/templates/etc/logrotate.d/ulogd/50log e-smith-packetfilter-2.6.0/root/etc/e-smith/templates/etc/logrotate.d/ulogd/50log
+--- e-smith-packetfilter-2.6.0.old/root/etc/e-smith/templates/etc/logrotate.d/ulogd/50log	1969-12-31 19:00:00.000000000 -0500
++++ e-smith-packetfilter-2.6.0/root/etc/e-smith/templates/etc/logrotate.d/ulogd/50log	2021-03-05 01:22:20.009000000 -0500
+@@ -0,0 +1,23 @@
++/var/log/ulogd/ulogd.log  {
++    missingok
++    notifempty
++    weekly
++    compress
++    sharedscripts
++    postrotate
++        /usr/bin/systemctl reload ulogd  > /dev/null 2>&1
++    endscript
++}
++
++/var/log/iptables/*.log {
++    missingok
++    notifempty
++    daily
++    compress
++    sharedscripts
++    postrotate
++        /usr/bin/systemctl reload ulogd  > /dev/null 2>&1
++    endscript
++}
++
++
+diff -Nur e-smith-packetfilter-2.6.0.old/root/etc/e-smith/templates/etc/ulogd.conf/10global e-smith-packetfilter-2.6.0/root/etc/e-smith/templates/etc/ulogd.conf/10global
+--- e-smith-packetfilter-2.6.0.old/root/etc/e-smith/templates/etc/ulogd.conf/10global	1969-12-31 19:00:00.000000000 -0500
++++ e-smith-packetfilter-2.6.0/root/etc/e-smith/templates/etc/ulogd.conf/10global	2021-03-05 00:42:31.135000000 -0500
+@@ -0,0 +1,7 @@
++[global]
++nlgroup=1
++logfile=/var/log/ulogd/ulogd.log
++loglevel=5
++rmem=131071
++bufsize=150000
++
+diff -Nur e-smith-packetfilter-2.6.0.old/root/etc/e-smith/templates/etc/ulogd.conf/20plugins e-smith-packetfilter-2.6.0/root/etc/e-smith/templates/etc/ulogd.conf/20plugins
+--- e-smith-packetfilter-2.6.0.old/root/etc/e-smith/templates/etc/ulogd.conf/20plugins	1969-12-31 19:00:00.000000000 -0500
++++ e-smith-packetfilter-2.6.0/root/etc/e-smith/templates/etc/ulogd.conf/20plugins	2021-03-05 00:46:44.053000000 -0500
+@@ -0,0 +1,38 @@
 +
 +######################################################################
 +# PLUGIN OPTIONS
@@ -68,23 +100,20 @@ diff -Nur e-smith-packetfilter-2.6.0.old
 +# 0. don't specify any plugin for ulogd to load them all
 +# 1. load the plugins _first_ from the global section
 +# 2. options for each plugin in seperate section below
- plugin={ -f "/usr/lib64/ulogd/ulogd_BASE.so" ? "/usr/lib64/ulogd/ulogd_BASE.so" : "/usr/lib/ulogd/ulogd_BASE.so" }
- plugin={ -f "/usr/lib64/ulogd/ulogd_LOGEMU.so" ? "/usr/lib64/ulogd/ulogd_LOGEMU.so" : "/usr/lib/ulogd/ulogd_LOGEMU.so" }
- 
-+{
++
 +#plugin="/usr/lib64/ulogd/ulogd_inppkt_NFLOG.so"
-+#plugin="/usr/lib64/ulogd/ulogd_inppkt_ULOG.so"
++plugin="/usr/lib64/ulogd/ulogd_inppkt_ULOG.so"
 +#plugin="/usr/lib64/ulogd/ulogd_inppkt_UNIXSOCK.so"
 +#plugin="/usr/lib64/ulogd/ulogd_inpflow_NFCT.so"
 +#plugin="/usr/lib64/ulogd/ulogd_filter_IFINDEX.so"
-+#plugin="/usr/lib64/ulogd/ulogd_filter_IP2STR.so"
++plugin="/usr/lib64/ulogd/ulogd_filter_IP2STR.so"
 +#plugin="/usr/lib64/ulogd/ulogd_filter_IP2BIN.so"
 +#plugin="/usr/lib64/ulogd/ulogd_filter_IP2HBIN.so"
-+#plugin="/usr/lib64/ulogd/ulogd_filter_PRINTPKT.so"
++plugin="/usr/lib64/ulogd/ulogd_filter_PRINTPKT.so"
 +#plugin="/usr/lib64/ulogd/ulogd_filter_HWHDR.so"
 +#plugin="/usr/lib64/ulogd/ulogd_filter_PRINTFLOW.so"
 +#plugin="/usr/lib64/ulogd/ulogd_filter_MARK.so"
-+#plugin="/usr/lib64/ulogd/ulogd_output_LOGEMU.so"
++plugin="/usr/lib64/ulogd/ulogd_output_LOGEMU.so"
 +#plugin="/usr/lib64/ulogd/ulogd_output_SYSLOG.so"
 +#plugin="/usr/lib64/ulogd/ulogd_output_XML.so"
 +#plugin="/usr/lib64/ulogd/ulogd_output_SQLITE3.so"
@@ -94,90 +123,54 @@ diff -Nur e-smith-packetfilter-2.6.0.old
 +#plugin="/usr/lib64/ulogd/ulogd_output_PGSQL.so"
 +#plugin="/usr/lib64/ulogd/ulogd_output_MYSQL.so"
 +#plugin="/usr/lib64/ulogd/ulogd_output_DBI.so"
-+#plugin="/usr/lib64/ulogd/ulogd_raw2packet_BASE.so"
++plugin="/usr/lib64/ulogd/ulogd_raw2packet_BASE.so"
 +#plugin="/usr/lib64/ulogd/ulogd_inpflow_NFACCT.so"
 +#plugin="/usr/lib64/ulogd/ulogd_output_GRAPHITE.so"
 +#plugin="/usr/lib64/ulogd/ulogd_output_JSON.so"
 +
-+# this is a stack for logging packet send by system via LOGEMU
-+#stack=log1:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
-+
-+# this is a stack for packet-based logging via LOGEMU
-+#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
-+
-+# this is a stack for ULOG packet-based logging via LOGEMU
-+#stack=ulog1:ULOG,base1:BASE,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
-+
-+# this is a stack for packet-based logging via LOGEMU with filtering on MARK
-+#stack=log2:NFLOG,base1:BASE,mark1:MARK,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
-+
-+# this is a stack for packet-based logging via GPRINT
-+#stack=log1:NFLOG,gp1:GPRINT
-+
-+# this is a stack for flow-based logging via LOGEMU
-+#stack=ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,emu1:LOGEMU
+diff -Nur e-smith-packetfilter-2.6.0.old/root/etc/e-smith/templates/etc/ulogd.conf/30stacks e-smith-packetfilter-2.6.0/root/etc/e-smith/templates/etc/ulogd.conf/30stacks
+--- e-smith-packetfilter-2.6.0.old/root/etc/e-smith/templates/etc/ulogd.conf/30stacks	1969-12-31 19:00:00.000000000 -0500
++++ e-smith-packetfilter-2.6.0/root/etc/e-smith/templates/etc/ulogd.conf/30stacks	2021-03-05 00:47:14.410000000 -0500
+@@ -0,0 +1,4 @@
++
++#our base stack ULOG to LOGEMU
++stack=ulog1:ULOG,base1:BASE,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
++
+diff -Nur e-smith-packetfilter-2.6.0.old/root/etc/e-smith/templates/etc/ulogd.conf/40configs e-smith-packetfilter-2.6.0/root/etc/e-smith/templates/etc/ulogd.conf/40configs
+--- e-smith-packetfilter-2.6.0.old/root/etc/e-smith/templates/etc/ulogd.conf/40configs	1969-12-31 19:00:00.000000000 -0500
++++ e-smith-packetfilter-2.6.0/root/etc/e-smith/templates/etc/ulogd.conf/40configs	2021-03-05 01:29:19.297000000 -0500
+@@ -0,0 +1,10 @@
++[ulog1]
++# denylog:
++# netlink multicast group (the same as the iptables --ulog-nlgroup param)
++nlgroup=1
++
++
++[emu1]
++file="/var/log/iptables/denylog.log"
++sync=1
 +
-+# this is a stack for flow-based logging via GPRINT
-+#stack=ct1:NFCT,gp1:GPRINT
-+
-+# this is a stack for flow-based logging via XML
-+#stack=ct1:NFCT,xml1:XML
-+
-+# this is a stack for logging in XML
-+#stack=log1:NFLOG,xml1:XML
-+
-+# this is a stack for accounting-based logging via XML
-+#stack=acct1:NFACCT,xml1:XML
-+
-+# this is a stack for accounting-based logging to a Graphite server
-+#stack=acct1:NFACCT,graphite1:GRAPHITE
-+
-+# this is a stack for NFLOG packet-based logging to PCAP
-+#stack=log2:NFLOG,base1:BASE,pcap1:PCAP
-+
-+# this is a stack for logging packet to MySQL
-+#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2bin1:IP2BIN,mac2str1:HWHDR,mysql1:MYSQL
-+
-+# this is a stack for logging packet to PGsql after a collect via NFLOG
-+#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,mac2str1:HWHDR,pgsql1:PGSQL
-+
-+# this is a stack for logging packet to JSON formatted file after a collect via NFLOG
-+#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,mac2str1:HWHDR,json1:JSON
-+
-+# this is a stack for logging packets to syslog after a collect via NFLOG
-+#stack=log3:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,sys1:SYSLOG
-+
-+# this is a stack for logging packets to syslog after a collect via NuFW
-+#stack=nuauth1:UNIXSOCK,base1:BASE,ip2str1:IP2STR,print1:PRINTPKT,sys1:SYSLOG
-+
-+# this is a stack for flow-based logging to MySQL
-+#stack=ct1:NFCT,ip2bin1:IP2BIN,mysql2:MYSQL
-+
-+# this is a stack for flow-based logging to PGSQL
-+#stack=ct1:NFCT,ip2str1:IP2STR,pgsql2:PGSQL
-+
-+# this is a stack for flow-based logging to PGSQL without local hash
-+#stack=ct1:NFCT,ip2str1:IP2STR,pgsql3:PGSQL
-+
-+# this is a stack for flow-based logging to SQLITE3
-+#stack=ct1:NFCT,sqlite3_ct:SQLITE3
-+
-+# this is a stack for logging packet to SQLITE3
-+#stack=log1:NFLOG,sqlite3_pkt:SQLITE3
-+
-+# this is a stack for flow-based logging in NACCT compatible format
-+#stack=ct1:NFCT,ip2str1:IP2STR,nacct1:NACCT
-+
-+# this is a stack for accounting-based logging via GPRINT
-+#stack=acct1:NFACCT,gp1:GPRINT
-+
-+ $OUT="";
-+
-+}
- [LOGEMU]
+diff -Nur e-smith-packetfilter-2.6.0.old/root/etc/e-smith/templates/etc/ulogd.conf/basic e-smith-packetfilter-2.6.0/root/etc/e-smith/templates/etc/ulogd.conf/basic
+--- e-smith-packetfilter-2.6.0.old/root/etc/e-smith/templates/etc/ulogd.conf/basic	2008-10-07 13:36:41.000000000 -0400
++++ e-smith-packetfilter-2.6.0/root/etc/e-smith/templates/etc/ulogd.conf/basic	1969-12-31 19:00:00.000000000 -0500
+@@ -1,12 +0,0 @@
+-[global]
+-nlgroup=1
+-logfile=/dev/stdout
+-loglevel=5
+-rmem=131071
+-bufsize=150000
+-plugin={ -f "/usr/lib64/ulogd/ulogd_BASE.so" ? "/usr/lib64/ulogd/ulogd_BASE.so" : "/usr/lib/ulogd/ulogd_BASE.so" }
+-plugin={ -f "/usr/lib64/ulogd/ulogd_LOGEMU.so" ? "/usr/lib64/ulogd/ulogd_LOGEMU.so" : "/usr/lib/ulogd/ulogd_LOGEMU.so" }
+-
+-[LOGEMU]
 -file="/dev/stdout"
-+file="/var/log/iptables/ulogd.syslogemu"
- sync=1
+-sync=1
+diff -Nur e-smith-packetfilter-2.6.0.old/root/etc/yum/post-actions/ulogd.action e-smith-packetfilter-2.6.0/root/etc/yum/post-actions/ulogd.action
+--- e-smith-packetfilter-2.6.0.old/root/etc/yum/post-actions/ulogd.action	1969-12-31 19:00:00.000000000 -0500
++++ e-smith-packetfilter-2.6.0/root/etc/yum/post-actions/ulogd.action	2021-03-05 01:28:09.563000000 -0500
+@@ -0,0 +1 @@
++ulogd:any:/sbin/e-smith/expand-template /etc/logrotate.d/ulogd
 diff -Nur e-smith-packetfilter-2.6.0.old/root/usr/lib/systemd/system/sme-server.target.d/53koozali.conf e-smith-packetfilter-2.6.0/root/usr/lib/systemd/system/sme-server.target.d/53koozali.conf
 --- e-smith-packetfilter-2.6.0.old/root/usr/lib/systemd/system/sme-server.target.d/53koozali.conf	1969-12-31 19:00:00.000000000 -0500
 +++ e-smith-packetfilter-2.6.0/root/usr/lib/systemd/system/sme-server.target.d/53koozali.conf	2021-03-04 16:36:47.274000000 -0500
@@ -187,7 +180,7 @@ diff -Nur e-smith-packetfilter-2.6.0.old
 +
 diff -Nur e-smith-packetfilter-2.6.0.old/root/usr/lib/systemd/system/ulogd.service e-smith-packetfilter-2.6.0/root/usr/lib/systemd/system/ulogd.service
 --- e-smith-packetfilter-2.6.0.old/root/usr/lib/systemd/system/ulogd.service	1969-12-31 19:00:00.000000000 -0500
-+++ e-smith-packetfilter-2.6.0/root/usr/lib/systemd/system/ulogd.service	2021-03-04 23:43:02.018000000 -0500
++++ e-smith-packetfilter-2.6.0/root/usr/lib/systemd/system/ulogd.service	2021-03-05 01:14:55.420000000 -0500
 @@ -0,0 +1,17 @@
 +[Unit]
 +Description=Netfilter Userspace Logging Daemon
@@ -200,9 +193,9 @@ diff -Nur e-smith-packetfilter-2.6.0.old
 +TimeoutSec=0
 +Type=forking
 +
-+#PIDFile=/run/ulog/ulogd.pid
-+#ExecStart=/usr/sbin/ulogd --daemon --uid ulog --pidfile /run/ulog/ulogd.pid
-+ExecStart=/usr/sbin/ulogd --daemon
++PIDFile=/run/ulog/ulogd.pid
++ExecStart=/usr/sbin/ulogd --daemon --uid ulog --pidfile /run/ulog/ulogd.pid
++ExecReload=/bin/kill -HUP $MAINPID
 +
 +[Install]
 +WantedBy=sme-server.target multi-user.target