Hi,

Kenneth Porter wrote:
> --On Thursday, November 18, 2004 10:03 AM -0700 Brad Morgan <B-Morgan@xxxxxxxxxxxxxx> wrote:
>> I'm using a Linux firewall with IPTables as my home firewall.
>
> Take a look at "port triggering". This is a feature in the Linksys WRT54G, which uses uClinux under the hood. When an outbound connection is seen to a particular port, a port forwarding rule is installed for the internal client. I'm guessing this is done by monitoring the iptables logs and installing a custom chain on demand that's removed after a period of inactivity.

I'm using a simple script to detect when someone connects to battle.net. The basic idea is to check /proc/net/ip_conntrack for battle.net connections. Here is a simple version which has to be run every n minutes.

Greets
Jochen Radmacher
---- cut here ----
#!/bin/bash
CONNECTED=0
#Bugfix for netfilter bug 227
# public address of ppp0, taken from old-style ifconfig output ("inet addr:1.2.3.4")
IPADDR=$(/sbin/ifconfig ppp0 | grep "inet addr" | sed 's/.*inet addr:\([0-9.]*\).*/\1/')
# with an empty IPADDR the grep below would match every conntrack line
if [ -z "$IPADDR" ]; then
    echo "ppp0 has no address" >&2
    exit 1
fi
#you can repeat the following 4 lines with different argument for grep to make an 'OR'
egrep '213\.248\.106\.' /proc/net/ip_conntrack | grep -F "$IPADDR" >/dev/null
if [ "$?" -eq "0" ]; then
    CONNECTED=1
fi
if [ "$CONNECTED" -eq "1" ]; then
    : # do something, e.g. iptables -A ....
else
    : # iptables -D ....
fi
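As an added example for this thread (it is neither Jochen's script nor anything from the WRT54G firmware), here is the same ip_conntrack poll written out with the "install on first outbound flow, remove after a period of inactivity" behaviour that Kenneth describes for port triggering. It keeps the 213.248.106. prefix from the script above; the interface name, the iptables rule, the state-file path and the idle limit are placeholders, and the matching and state logic are split into functions so they can be exercised on constructed conntrack and ifconfig text without touching the firewall.

```shell
#!/bin/bash
# Added example, not the script from the original post and not the WRT54G code:
# poll ip_conntrack and open/close a rule only when the state actually changes,
# closing it after IDLE_LIMIT consecutive polls without a matching flow.
# Prefixes, interface, rule, idle limit and state-file path are placeholders.

REMOTE_PREFIXES=("213.248.106.")                       # add entries to OR them
IDLE_LIMIT=3                                           # polls without a flow before removal
STATE_FILE="${STATE_FILE:-/var/run/conntrack-trigger.state}"   # hypothetical path
IPTABLES="${IPTABLES:-iptables}"                       # IPTABLES=echo gives a dry run
RULE=(FORWARD -i ppp0 -p tcp --dport 6112 -j ACCEPT)   # hypothetical rule

# First IPv4 address in old-style ifconfig output read from stdin.
# Replaces `cut -d " " -f 12`, which breaks as soon as the column spacing differs.
ppp_address() {
    sed -n 's/.*inet addr:\([0-9.]*\).*/\1/p' | head -n 1
}

# conntrack_connected ADDR PREFIX...   (conntrack lines on stdin)
# 0: a flow carries ADDR in its reply tuple and a dst= under one of PREFIX
# 1: no such flow
# 2: ADDR is empty; grep "" matches every line, so the one-liner in the
#    original script reports "connected" whenever ppp0 has no address
conntrack_connected() {
    local addr="$1" line prefix; shift
    [ -n "$addr" ] || return 2
    while IFS= read -r line; do
        # on a NAT firewall the reply tuple's dst= is our public address
        case "$line" in *"dst=$addr "*) ;; *) continue ;; esac
        for prefix in "$@"; do
            case "$line" in *" dst=$prefix"*) return 0 ;; esac
        done
    done
    return 1
}

# next_action STATE MISSES CONNECTED IDLE_LIMIT  -> "add|remove|none NEWMISSES"
# STATE is what we last did to iptables (open|closed); CONNECTED is 0 when a
# flow was seen this poll. The idle counter implements "removed after a period
# of inactivity" without needing to watch iptables logs.
next_action() {
    local state="$1" misses="$2" connected="$3" limit="$4"
    if [ "$connected" -eq 0 ]; then
        [ "$state" = closed ] && echo "add 0" || echo "none 0"
    elif [ "$state" = open ]; then
        misses=$((misses + 1))
        [ "$misses" -ge "$limit" ] && echo "remove 0" || echo "none $misses"
    else
        echo "none 0"
    fi
}

# One poll against the live system; meant to be run from cron every n minutes.
poll_once() {
    local addr state misses rc result action
    addr=$(/sbin/ifconfig ppp0 2>/dev/null | ppp_address)
    [ -n "$addr" ] || { echo "ppp0 has no address, nothing done" >&2; return 1; }
    read -r state misses < "$STATE_FILE" 2>/dev/null || { state=closed; misses=0; }
    conntrack_connected "$addr" "${REMOTE_PREFIXES[@]}" < /proc/net/ip_conntrack
    rc=$?
    result=$(next_action "$state" "$misses" "$rc" "$IDLE_LIMIT")
    action=${result%% *}; misses=${result##* }
    case "$action" in
        add)    "$IPTABLES" -A "${RULE[@]}" && state=open ;;
        remove) "$IPTABLES" -D "${RULE[@]}" && state=closed ;;
    esac
    echo "$state $misses" > "$STATE_FILE"
}

if [ "${1:-}" = "--poll" ]; then
    poll_once
fi
```

Run it as `script --poll` from cron; with `IPTABLES=echo` it prints the rule it would add or delete instead of changing anything. /proc/net/ip_conntrack only exists with the old ip_conntrack module; on kernels using nf_conntrack the file is /proc/net/nf_conntrack and each line gains a leading layer-3 column, but the src=/dst= fields the matcher keys on are laid out the same way, so only the path needs to change.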