RE: process id with firewall and tc

Linux Advanced Routing and Traffic Control


Thanks Simon.  That helps out heaps.  Going to use what you said and use
monit.

Kind Regards

William


-----Original Message-----
From: Simon Lodal [mailto:simonl@xxxxxxxxxx] 
Sent: 16 September 2006 14:17
To: lartc@xxxxxxxxxxxxxxx
Cc: William Bohannan
Subject: Re:  process id with firewall and tc


Routing, firewalling and shaping run in the kernel and have no pid. Instead
you can get/set /proc flags, and check for the presence of certain data
structures.

/proc/sys/net/ipv4/ip_forward is the routing master switch. If 0, the
machine forwards nothing. You can both set and get the value, should be
relatively easy from a web page. Beware that setting it to 1 may reset other
/proc keys to default values.

For iptables firewalling you probably need to check if your rules are loaded
or not, a script parsing 'iptables -nL' output could do it. Or you could use
a condition match "enabled" in the beginning of each table, and drop all
traffic if the condition is false. The /proc/net/ipt_condition/enabled value
can then be read and set as a master switch from the web page.

Shaping has no /proc files, and no way to create a master switch, so you
need a script that parses 'tc qdisc show dev eth0' or 'tc class show dev eth0'
output.


Regards,
Simon


On Saturday 16 September 2006 15:38, William Bohannan wrote:
> Not sure this is the correct place to post this but I am looking to have
> status of the firewall and traffic control (active, disabled, stopped etc)
> on a webpage controlled via something like pid as the machine has many
> things running on it, like firewall, traffic control, data collection for
> graphing the traffic flows, as well as other services like squid etc.  Any
> ideas would be most helpful.
>
>
>
> Kind Regards
>
>
>
> William

_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
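
The three checks described in the reply above (the ip_forward flag, parsing 'iptables -nL', parsing 'tc qdisc show dev eth0'), as an added example that is not part of the original thread. The function names, the sample outputs and the list of qdisc names treated as "default" are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: classify routing, firewall and shaping state from text on stdin.

# Contents of /proc/sys/net/ipv4/ip_forward -> active | disabled | unknown
forward_status() {
    v=$(cat)
    case "$v" in
        1) echo active ;;
        0) echo disabled ;;
        *) echo unknown ;;
    esac
}

# 'iptables -nL' output -> active if any chain holds at least one rule
firewall_status() {
    awk '
        /^Chain /  { next }    # chain header line
        /^target / { next }    # column header line
        NF > 0     { rules++ } # any other non-blank line is a rule
        END        { print (rules > 0 ? "active" : "disabled") }'
}

# 'tc qdisc show dev X' output -> active if a non-default qdisc is attached.
# Assumption: these names are the kernel defaults, i.e. "no shaping configured".
shaping_status() {
    awk '
        $1 == "qdisc" && $2 !~ /^(pfifo_fast|fq_codel|noqueue|mq)$/ { shaped++ }
        END { print (shaped > 0 ? "active" : "disabled") }'
}

# Constructed sample outputs (not captured from a real host).
SAMPLE_IPT_LOADED='Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:22

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination'
SAMPLE_IPT_EMPTY='Chain INPUT (policy ACCEPT)
target     prot opt source               destination'
SAMPLE_TC_SHAPED='qdisc htb 1: root refcnt 2 r2q 10 default 30 direct_packets_stat 0'
SAMPLE_TC_DEFAULT='qdisc pfifo_fast 0: root refcnt 2 bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1'

# Live check (needs root for iptables): sh status.sh live [interface]
if [ "${1:-}" = "live" ]; then
    echo "routing:  $(forward_status < /proc/sys/net/ipv4/ip_forward)"
    echo "firewall: $(iptables -nL | firewall_status)"
    echo "shaping:  $(tc qdisc show dev "${2:-eth0}" | shaping_status)"
fi
```

A ruleset that consists only of chain policies (for example policy DROP with no rules) is reported as disabled by firewall_status, since it counts rule lines only.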
