On Fri, Jan 29, 2010 at 10:12 AM, Rajagopal Swaminathan <raju.rajsand@xxxxxxxxx> wrote: > Greetings, > > How does one monitor if a site is being accessed using browser? > > IOW, I just want to know if a user has launched a session thru Firefox. > > I basically want to know if a user has tried to access the webserver > and unable to reach it and log such instances. > > I am using cron and curl to seperately monitor the link. > > Any clues? > > Centos 5.2/Gnome/Firefox 3.0.16 > > Regards > > Rajagopal why not to try do this with iptables with combination with inotify from man iptables --uid-owner userid Matches if the packet was created by a process with the given effective user id. --gid-owner groupid Matches if the packet was created by a process with the given effective group id. --cmd-owner name Matches if the packet was created by a process with the given command name. (this option is present only if iptables was compiled under a kernel supporting this feature) then adding in iptables rule -j LOG --log-level 4 --log-prefix "some_prefix " secondly you can watch connection states with commands: -m state --state NEW SYN packet was sent -m state --state ESTABLISHED,RELATED you are getting response and then in syslog.conf kern.warning /var/log/iptables.log you then can watch with inotify /var/log/iptables.log file and do whatever you should Also i would watch not only trafiic to external tcp 80 port, but also and tcp/udp 53 port. browser can even don't try to load page if it doesn'i resolve dns name, or entered domain does not exist. _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos