Thanks Simon. That helps out heaps. Going to use what you said and use monit.
Kind Regards
William
-Original Message-
From: Simon Lodal [mailto:[EMAIL PROTECTED]
Sent: 16 September 2006 14:17
To: lartc@mailman.ds9a.nl
Cc: William Bohannan
Subject: Re: [LARTC] process id with firewall and tc
Routing, firewalling and shaping run in the kernel and have no pid. Instead you
can get/set /proc flags, and check for the presence of certain data structures.
/proc/sys/net/ipv4/ip_forward is the routing master switch. If 0, the machine
forwards nothing. You can both set and get the value, should be relatively
easy from a web page. Beware that setting it to 1 may reset other /proc keys
to default values.
For iptables firewalling you probably need to check if your rules are loaded
or not, a script parsing 'iptables -nL' output could do it. Or you could use
a condition match "enabled" in the beginning of each table, and drop all
traffic if the condition is false. The /proc/net/ipt_condition/enabled value
can then be read and set as a master switch from the web page.
Shaping has no /proc files, and no way to create a master switch, so you need
a script that parses 'tc qdisc show dev eth0' or 'tc class show dev eth0'
output.
Regards,
Simon
On Saturday 16 September 2006 15:38, William Bohannan wrote:
> Not sure this is the correct place to post this but I am looking to have
> status of the firewall and traffic control (active, disabled, stopped etc)
> on a webpage controlled via something like pid as the machine has many
> things running on it, like firewall, traffic control, data collection for
> graphing the traffic flows, as well as other services like squid etc. Any
> ideas would be most helpful.
>
> Kind Regards
>
> William
___
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
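
The three checks Simon describes (the ip_forward flag, 'iptables -nL' output, 'tc qdisc show' output) can be turned into status words for a web page as sketched below. This is an added example, not code from the thread; the function names and sample outputs are constructed, and the shaping check assumes kernel-default qdiscs are listed with handle "0:".

```shell
#!/bin/sh
# Added example: status words derived from the checks discussed in the thread.

# Map the content of /proc/sys/net/ipv4/ip_forward to a status word.
routing_status() {
    case "$1" in
        1) echo active ;;
        0) echo disabled ;;
        *) echo unknown ;;
    esac
}

# Read 'iptables -nL' output on stdin; any line that is not a chain
# header, column header or blank line counts as a loaded rule.
firewall_status() {
    awk '/^Chain / || /^target / || NF == 0 { next }
         { rules++ }
         END { print (rules > 0 ? "active" : "stopped") }'
}

# Read 'tc qdisc show dev IFACE' output on stdin.
# Assumption: kernel default qdiscs show handle "0:", configured ones do not.
shaping_status() {
    awk '$1 == "qdisc" { seen++; if ($3 != "0:") custom++ }
         END { if (!seen) { print "unknown" } else { print (custom > 0 ? "active" : "disabled") } }'
}

# Constructed sample outputs (not captured from a real machine).
SAMPLE_FW_LOADED='Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination'
SAMPLE_FW_EMPTY='Chain INPUT (policy ACCEPT)
target     prot opt source               destination'
SAMPLE_TC_HTB='qdisc htb 1: r2q 10 default 20 direct_packets_stat 0
qdisc sfq 20: parent 1:20 limit 128p quantum 1514b perturb 10sec'
SAMPLE_TC_DEFAULT='qdisc pfifo_fast 0: bands 3 priomap  1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1'

echo "routing:  $(routing_status 1)"
echo "firewall: $(printf '%s\n' "$SAMPLE_FW_LOADED" | firewall_status)"
echo "shaping:  $(printf '%s\n' "$SAMPLE_TC_HTB" | shaping_status)"
# Live use (iptables needs root):
#   routing_status "$(cat /proc/sys/net/ipv4/ip_forward)"
#   iptables -nL | firewall_status; tc qdisc show dev eth0 | shaping_status
```

A firewall that relies only on a DROP policy with no rules reports "stopped" here, so extend the awk match on the "Chain ... (policy ...)" lines if that is your setup.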