Privileged host, trigger script via netfilter?

John Nilsson pzycrow@hotmail.com
Sun, 07 Oct 2001 22:38:38 +0200


I wonder, what is the best way to have netfilter change some settings after 
a specific packet is traversing the chains.

What I want is to allow my host to send a ping or similar to the firewall 
with the result of setting a special rule to route all unknown (i.e. Failed 
connection tracking) traffic to that host.

A special packet (ping?) comes from 192.168.0.3

triggers sh /etc/init.d/firewall 192.168.0.3
this script has these lines (among others):
iptables -X
iptables -F
iptables -Z
[ ".$1" != "." ] && iptables -A FORWARD -d $1 -j ACCEPT
[ ".$1" != "." ] && iptables -A PREROUTING -d $IPFW -j DNAT --to $1

Question 1: Will the script do the intended?
Question 2: What is the best way to trigger this script from the INPUT 
chain?
Note that security is not a big issue. My main interest is NAT.

/John Nilsson

P.S. Please CC me, for some reason I cannot read the digests D.S.

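A hardened take on the script described in the post, as an added example that is not the poster's code: the address argument is validated before it reaches iptables (it would originate from a network packet), rules are flushed before chains are deleted, and the DNAT rule goes into the nat table, where PREROUTING DNAT lives. The `IPFW` value is a constructed placeholder, `IPT` and the function names are assumptions, and by default the commands are only printed.

```shell
#!/bin/sh
# Added example, not the poster's script. Dry run unless IPT=iptables is set.
IPFW="${IPFW:-203.0.113.1}"   # firewall's external address (constructed sample)
IPT="${IPT:-echo iptables}"   # command prefix; the default only prints

# Succeeds only for a dotted-quad IPv4 address with every octet in 0..255.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;   # empty, stray chars, bad dots
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                 # split on dots; only digits and dots remain here
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Flush both tables, then (if a host is given) forward and DNAT to it.
privileged_host_rules() {
    host=$1
    if [ -n "$host" ] && ! is_ipv4 "$host"; then
        echo "refusing invalid address: $host" >&2
        return 1
    fi
    # -F before -X: a user chain that still holds rules cannot be deleted.
    for table in filter nat; do
        $IPT -t "$table" -F
        $IPT -t "$table" -X
        $IPT -t "$table" -Z
    done
    [ -n "$host" ] || return 0
    $IPT -A FORWARD -d "$host" -j ACCEPT
    # nat rules see only the first packet of a connection, so tracked
    # connections keep their existing mappings.
    $IPT -t nat -A PREROUTING -d "$IPFW" -j DNAT --to-destination "$host"
}

if [ "$#" -gt 0 ]; then privileged_host_rules "$1"; fi
```

Run it as `sh firewall 192.168.0.3` to review the printed commands, then with `IPT=iptables` as root to apply them.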