paulc1976 has asked for the wisdom of the Perl Monks concerning the following question:

Hi everyone, I'm need to be able to detect when a change is made in linux iptables configuration and send it to my perl program im developing, for example if a filtering rule was added or removed using the command line then this would automatically send a message to my program with the details of the changes. I was wondering if signals were the way to go? I want to be able to modify the iptables configuration from any shell, not directly from my program. Any guidance would be much appreciated. thanks in advance, Paul

Replies are listed 'Best First'.
Re: Getting a signal from iptables
by JavaFan (Canon) on Dec 20, 2011 at 19:16 UTC
    First of all, your question isn't a Perl question. It's a Linux question, and you're far more likely to get a useful answer on a Linux or a Linux networking forum than you will be getting here.

    Having said that, I don't think iptables has anything build in that does a callback. Depending on what you're defending against, you could place a wrapper around the various /sbin/iptables* programs; replace said programs with ones you wrote yourself, or hack the kernel.

    But again, there's nothing Perl specific in either the question, or the answer.

[reply]
[d/l]
      You could potentially have a perl script that is executed every X minutes by cron (or that loops and sleeps) and compares the current set of rules to the last-known set to detect differences.

      mr.nick ...

[reply]

        thanks for your replies guys, all good suggestions although i need something that will trigger immediately rather than polling at regular intervals. I wouldnt know where to start with hacking the linux kernel! I've found a few iptables modules on cpan, might see if i can use those.

[reply]
Re: Getting a signal from iptables
by Marshall (Canon) on Dec 24, 2011 at 01:44 UTC
[reply]
      thanks for that, I'll look into it. Paul
[reply]

Back to Seekers of Perl Wisdom