Hi Why don't you get the Java app to export some kind of text that you can get netfilter to parse with regular unix utilities (sed, awk, grep). Create a cron job to parse the file every 10 minutes (if that's regular enough) that parses the text file and reloads your iptables rules as per the file. Ray On Mon, 2003-06-23 at 20:43, Tony Thompson wrote: > I am investigating an option to use netfilter to allow/deny traffic from > the local subnet based on rules/accounting information that is in > another (Java based) system. I am new to netfilter so, I can someone > offer some suggestions: > > 1. Is netfilter the right place to hook or should I look at a firewall > that may provide some higher level hooks for authentication and > accounting? > > 2. If I should hook into netfilter, is it a good idea to call into a > JVM from a netfilter module? > > 3. I am not sure what kind of control I have when using the userspace > driver but, should I use that in this situation? Can I use that > directly from Java so I wouldn't have the hassel of calling into a JVM > from a native process? > > If anyone can offer any other suggestions or examples, that would be > appreciated. > > Thanks. > Tony -- -- Raymond Leach <raymondl@xxxxxxxxxxxxxxxxxxxxxx> Network Support Specialist http://www.knowledgefactory.co.za "lynx -source http://www.rchq.co.za/raymondl.asc | gpg --import" Key fingerprint = 7209 A695 9EE0 E971 A9AD 00EE 8757 EE47 F06F FB28 --
Attachment:
signature.asc
Description: This is a digitally signed message part
