On Saturday 14 August 2004 12:09 pm, Sören Lorenz wrote:

> Samuel Jean wrote:
> >That's not netfilter/iptables job. inetd better suits to your needs.
> >I don't know much about Squid, but I guess it supports inetd.
>
> No, it doesn't. It needs to bind the port directly, no way to run it via
> inetd.

Indeed! The idea of spawning Squid from inetd is horrible :(

> >>When the router disconnects from my ISP, Squid is shutdown again.
> >
> >Again, not iptables/netfilter. Inetd can.
>
> Come on, there must be a way to trigger userspace actions on netfilter
> matches. Some people do realtime blacklisting on portscanning IPs. I'm
> looking for a lightweight (router suitable) way to do this. Solutions
> depending on Perl are not an option.

Try investigating the ULOG target perhaps?

Antony.

--
"Reports that say that something hasn't happened are always interesting to me,
because as we know, there are known knowns; there are things we know we know.
We also know there are known unknowns; that is to say we know there are some
things we do not know. But there are also unknown unknowns - the ones we
don't know we don't know."

 - Donald Rumsfeld, US Secretary of Defence

Please reply to the list; please don't CC me.