On Sat, 2005-12-03 at 17:39 -0500, James Rhett Aultman wrote:
> Dear Netfilter users,
>
> Again, to explain the mechanism I need: when the
> machine encounters a packet matching a rule, I want the machine to run a
> specific program and drop the packet.
>
> Is something like this possible using iptables or another netfilter project?

Yes, just use the QUEUE or NFQUEUE target. This sends the packet to userspace,
and there you can do what you want. In your case, match and accept the packets
and when a match is done, do your job ....

If you need some code example, you can have a look at NuFW:
http://www.nufw.org/

By the way, you could also have a look at ulogd2, which brings some features
that may interest you:
http://svn.gnumonks.org/branches/ulog/ulogd2/

BR,
-- 
Eric Leblond <eric@xxxxxx>
INL
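The userspace side of the NFQUEUE approach suggested in the reply, as an added example that is not part of the original message and is not taken from NuFW or ulogd2. It shows only the per-packet decision (parse the raw IPv4 payload the queue delivers, run a program, return a drop verdict); the netlink binding that receives packets from the kernel is left out, and `WATCHED_PORT`, `ACTION`, the function names and the sample packet are assumptions constructed for illustration.

```python
import socket, struct, subprocess, sys

NF_DROP, NF_ACCEPT = 0, 1   # verdict codes from <linux/netfilter.h>
WATCHED_PORT = 23           # hypothetical policy: react to TCP packets for this port
# Placeholder program. Arguments go in as a list, never through a shell,
# because the addresses come from untrusted packet data.
ACTION = [sys.executable, "-c", "import sys; print('matched', sys.argv[1:])"]

# A rule that would feed such a handler (assumed queue number 0):
#   iptables -A INPUT -p tcp --dport 23 -j NFQUEUE --queue-num 0

def parse_ipv4_tcp(payload):
    """Return (src, dst, dport) for an IPv4/TCP packet, else None."""
    if len(payload) < 20 or payload[0] >> 4 != 4:
        return None
    ihl = (payload[0] & 0x0F) * 4            # IP header length in bytes
    if ihl < 20 or payload[9] != 6 or len(payload) < ihl + 4:
        return None                          # bad header, not TCP, or truncated
    if struct.unpack("!H", payload[6:8])[0] & 0x1FFF:
        return None                          # later fragment: no TCP header here
    dport = struct.unpack("!H", payload[ihl + 2:ihl + 4])[0]
    return (socket.inet_ntoa(payload[12:16]),
            socket.inet_ntoa(payload[16:20]), dport)

def handle(payload, run=subprocess.run):
    """Decide the verdict for one queued packet; run ACTION on a match."""
    info = parse_ipv4_tcp(payload)
    if info is None or info[2] != WATCHED_PORT:
        return NF_ACCEPT
    try:
        # Synchronous and bounded: the kernel holds the packet until the
        # verdict is returned, so a slow program backs up the queue.
        run(ACTION + [info[0], info[1], str(info[2])], timeout=5, check=False)
    except (subprocess.TimeoutExpired, OSError):
        pass                                 # still drop if the program fails
    return NF_DROP

def sample_packet(dport):
    """Constructed 40-byte IPv4+TCP SYN using documentation addresses."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, 6, 0,
                     socket.inet_aton("192.0.2.10"),
                     socket.inet_aton("198.51.100.5"))
    tcp = struct.pack("!HHIIBBHHH", 40000, dport, 0, 0, 0x50, 0x02, 1024, 0, 0)
    return ip + tcp

if __name__ == "__main__":
    for port in (23, 80):
        print(port, "->", handle(sample_packet(port)))
```
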