The netfilter.org "ulogd" project

ulogd is a userspace logging daemon for netfilter/iptables related logging. This includes per-packet logging of security violations, per-packet logging for accounting purpose as well as per-flow logging.

ulogd comes in two flavours: ulogd-1.x has been around since 2000 and is the stable series. All production systems should use the stable series at this time. ulogd-2.x is currently in beta stage.

ulogd-1.x requires nothing netfilter-related. If you need SQL database output suport, you will need the header files of the respective libraries.

ulogd-2.x requires libnetfilter_log for nfnetlink_log based logging, and libnetfilter_conntrack for connection (flow) based logging using ip_conntrack_netlink or nf_conntrack_netlink. For both libraries, you need a kernel that supports the respective kernel-level interfaces. Among officially released kernels, this means 2.6.14 or later.

The current stable version of ulogd-1.x can be accessed at https://git.netfilter.org/cgi-bin/gitweb.cgi?p=ulogd.git;a=summary.

The current development version of ulogd-2.x can be accessed at https://git.netfilter.org/cgi-bin/gitweb.cgi?p=ulogd2.git;a=summary.

ulogd was almost entirely written by Harald Welte.