1. Ulogd configuration
    1. MySQL configuration
    2. Ulogd Installation
    3. Ulogd configuration
    4. Netfilter/iptables setup

Ulogd configuration

MySQL configuration

This step is described in Nulog2's installation guide.

Ulogd Installation

Ulogd can be easily installed from source via a standard: 

./configure
make
make install

Please note this article only cover ulogd setup. Ulogd2 setup is very different from ulogd setup.

Debian user can install ulogd via the following command: 

aptitude install ulogd ulogd-mysql

Ulogd configuration

Ulogd configuration is done via the configuration file /etc/ulogd.conf. First step is to uncomment the following line to activate the MySQL output: 

    plugin="/usr/lib/ulogd/ulogd_MYSQL.so" #uncomment it for use

Once this is done, search in the file the following lines and modify them to suit your setup: 

    [MYSQL]
    table="ulog"
    pass=""
    user="root"
    db="ulog"
    host="localhost"

You can now restart ulogd to take change into account.

Netfilter/iptables setup

You will need to replace all iptables logging line that were using LOG target with line using the ULOG target. Broadly speaking you will need to replace: 

iptables -A FORWARD $FILTER -j LOG --log-prefix $PREFIX

with: 

iptables -A FORWARD $FILTER -j ULOG --ulog-prefix $PREFIX