On Sunday 13 January 2002 01:01, Earl F Hampton wrote:
> On Saturday 12 January 2002 21:11, [EMAIL PROTECTED] wrote:
> > Hi.
> >
> > I am trying to create script that would activate when other
> > machines connect to certain ports on internet through this machine.
> > This box is doing the masquerading.
> >
> > I tried to use tcpdump, but it does not have any timeout options
> > that I need. And besides I just need to see if connection is
> > established. The packets might take a while to come in. I need
> > almost immediate answer. I don't need to see the packets just that
> > there is currently a link established between a masqueraded machine
> > and a site on internet with a specific port#. Sort of like what
> > "netstat -an" does, but looking at non-local connections.
> >
> > Any ideas?
>
> Have you tried iptables using log as a target
> or even limit and log
> or ulog if you feel ambitious.
>
> ipchains also has logging.
>
> Earl F Hampton

I'm using a 2.2 kernel, so I tried ipchains logging, and the amount of logging for the port alone is too big (~6MB / day). I don't want to have to rotate logs quicker or bother with extracting the ipchains logging entries in relation to that particular port#. I want a more graceful solution. Any ideas? I need quick non-local routing info, not detailed info on packets.