On 13/10/10 17:24, Mr Dash Four wrote:
> Is it possible to use event-driven connection tracking - with
> conntrack-utils or by other means?
>
> Ideally, what I would like to do is 'register' a handler for particular
> connection events (when new connection is established and then closed
> for example) based on particular pre-defined filter (say, by protocol,
> source/destination ip etc) and execute a program code/function (if done
> programmatically) or a script (if done outside the connection-tracking
> domain) to do what I want?
> Currently, the only way to track such 'events' is if I include a
> separate chain in iptables tracking a particular connection (and logging
> the event via a normal log jump), but that is not enough for me as I
> also need to trigger a full dump based on that particular 'filter' and
> end this dump when the connection is closed. Any ideas?

You can use libnetfilter_conntrack for that:

http://www.netfilter.org/projects/libnetfilter_conntrack/index.html

There are several examples under utils/ in the tarballs that are
distributed.
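
The event-driven handling asked about in this thread, as an added example that is not part of the original messages: a shell dispatcher fed by the `conntrack -E` event stream from conntrack-tools, a command-line alternative to the libnetfilter_conntrack API recommended in the reply. The handler names, the flow key format, the port 22 filter and the sample events are constructed for illustration.

```shell
#!/bin/sh
# Live use (root): conntrack -E -e NEW,DESTROY -p tcp --dport 22 | dispatch
# Assumes the default text output of `conntrack -E` for TCP/UDP flows.

# Hypothetical handlers: put the real action here, e.g. start and stop a capture.
on_new()     { echo "start $1"; }
on_destroy() { echo "stop $1"; }

ACTIVE=' '   # space-delimited keys of flows for which a NEW event was seen

# flow_key LINE: set $ev and $key from the original-direction tuple
# (the first src=/dst=/sport=/dport= group on the line).
flow_key() {
    ev='' proto='' src='' dst='' sport='' dport=''
    set -f                     # "[NEW]" must not be expanded as a glob
    for w in $1; do
        case $w in
            '[NEW]'|'[DESTROY]') : "${ev:=$w}" ;;
            tcp|udp)  : "${proto:=$w}" ;;
            src=*)    : "${src:=${w#src=}}" ;;
            dst=*)    : "${dst:=${w#dst=}}" ;;
            sport=*)  : "${sport:=${w#sport=}}" ;;
            dport=*)  : "${dport:=${w#dport=}}" ;;
        esac
    done
    set +f
    key="$proto/$src:$sport>$dst:$dport"
}

# dispatch: read event lines on stdin, call one handler per state transition.
dispatch() {
    while IFS= read -r line; do
        flow_key "$line"
        [ -n "$proto" ] && [ -n "$src" ] || continue   # not a TCP/UDP event
        case $ev in
            '[NEW]') ACTIVE="$ACTIVE$key "; on_new "$key" ;;
            '[DESTROY]')   # skip flows that were open before we started listening
                case $ACTIVE in *" $key "*)
                    ACTIVE="${ACTIVE%% $key *} ${ACTIVE#* $key }"
                    on_destroy "$key" ;;
                esac ;;
        esac
    done
}

# Constructed sample events (documentation addresses), so this runs offline.
SAMPLE='    [NEW] tcp      6 120 SYN_SENT src=192.0.2.10 dst=192.0.2.20 sport=51234 dport=22 [UNREPLIED] src=192.0.2.20 dst=192.0.2.10 sport=22 dport=51234
[DESTROY] tcp      6 src=192.0.2.10 dst=192.0.2.20 sport=51234 dport=22 src=192.0.2.20 dst=192.0.2.10 sport=22 dport=51234 [ASSURED]'
printf '%s\n' "$SAMPLE" | dispatch
```

Filtering by protocol, address and port is left to `conntrack` itself (`-p`, `-s`, `-d`, `--dport`), so the dispatcher only has to pair each DESTROY with the NEW it saw earlier.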