| blob | 0fa92229a10054e7115ad2b8316be6bc0d4d28c0 |
1 import ../make-test-python.nix ({ pkgs, lib, ... }: {
2 name = "ulogd";
4 meta.maintainers = with lib.maintainers; [ p-h ];
6 nodes.machine = { ... }: {
7 networking.firewall.enable = false;
8 networking.nftables.enable = true;
9 networking.nftables.ruleset = ''
10 table inet filter {
11 chain input {
12 type filter hook input priority 0;
13 icmp type { echo-request, echo-reply } log group 2 accept
14 }
16 chain output {
17 type filter hook output priority 0; policy accept;
18 icmp type { echo-request, echo-reply } log group 2 accept
19 }
21 chain forward {
22 type filter hook forward priority 0; policy drop;
23 }
25 }
26 '';
27 services.ulogd = {
28 enable = true;
29 settings = {
30 global = {
31 logfile = "/var/log/ulogd.log";
32 stack = [
33 "log1:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU"
34 "log1:NFLOG,base1:BASE,pcap1:PCAP"
35 ];
36 };
38 log1.group = 2;
40 pcap1 = {
41 sync = 1;
42 file = "/var/log/ulogd.pcap";
43 };
45 emu1 = {
46 sync = 1;
47 file = "/var/log/ulogd_pkts.log";
48 };
49 };
50 };
52 environment.systemPackages = with pkgs; [ tcpdump ];
53 };
55 testScript = lib.readFile ./ulogd.py;
56 })