Re: How to start external script when ipfilter rule matches

All of lore.kernel.org
 help / color / mirror / Atom feed

From: nadim <nadim@khemir.net>
To: netfilter@lists.netfilter.org
Subject: Re: How to start external script when ipfilter rule matches
Date: Sat, 7 Aug 2004 00:17:29 +0200	[thread overview]
Message-ID: <200408070017.29454.nadim@khemir.net> (raw)
In-Reply-To: <1089.216.239.71.162.1091820833.squirrel@216.239.71.162>

I'm a complete noob so I am certainly wrong. I posted a question a few days 
ago about IPQ (that no one bothered to answer :-( ).

Isn't ipq what Sören is trying to come to?

here is a link to what can be done friom perl:
http://michael.toren.net/slides/ipqueue/

Am I getting all wrong?

Cheersn, Nadim.

On Friday 06 August 2004 21:33, Samuel Jean wrote:
> > Date: Thu, 05 Aug 2004 22:39:51 +0200
> > From: Sören Lorenz <soeren.lorenz@web.de>
> >
> > I'd like to start Squid when packets arrive on port 3128 on my router.
>
> That's not netfilter/iptables job. inetd better suits to your needs.
> I don't know much about Squid, but I guess it supports inetd.
>
> > When the router disconnects from my ISP, Squid is shutdown again.
>
> If that isn't a question, goto CONTINUE
>
> As you seem to be using PPP connection, I'd consider using
> /etc/ppp/ip-down bash script which is launched after successfull
> disconnection process.
>
> :CONTINUE
> :
> > Ideally the packets would be kept on hold until Squid is running and
> > then delivered to the daemon. Another question is to shutdown squid
> > after a certain time of inactivity on port 3128. Is there a way to
> > achive this with ipfilter?
>
> Again, not iptables/netfilter. Inetd can.
>
> > Thanks in advance.
> >
> > Regards,
> >
> > Sören Lorenz
>
> Hope this helps.

next prev parent reply	other threads:[~2004-08-06 22:17 UTC|newest]

Thread overview: 8+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <20040806042631.5824.39404.Mailman@vishnu.netfilter.org>
2004-08-06 19:33 ` How to start external script when ipfilter rule matches Samuel Jean
2004-08-06 22:17   ` nadim [this message]
2004-08-06 22:41     ` Michael Gale
2004-08-07  8:28       ` nadim
2004-08-14 11:09   ` Sören Lorenz
2004-08-14 11:20     ` Antony Stone
2004-08-19  9:40       ` Sören Lorenz
2004-08-05 20:39 Sören Lorenz

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=200408070017.29454.nadim@khemir.net \
    --to=nadim@khemir.net \
    --cc=netfilter@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.