Linux Routing modifications?

[yelledbett]

Does anyone know how you can insert logic into the routing decisions the kernel makes? This is the basic question I am trying to answer.

My situation goes like this: I want to confirm that a web application has been filled out properly daily (This is to be used in a medical webapp situation where it is important the user is filling in proper medical information daily), and if not, disallow internet usage until it has been. I only want to block NEW connections, RELATED/ESTABLISHED connections are allowed to remain. I would imagine this is basically the technology that hotels/wifi spots use to control access. Does anyone know how to do this with netfilter & iproute2?

Thanks,
Yelledbett

[rossonieri#1]

Does anyone know how you can insert logic into the routing decisions the kernel makes? This is the basic question I am trying to answer.

My situation goes like this: I want to confirm that a web application has been filled out properly daily (This is to be used in a medical webapp situation where it is important the user is filling in proper medical information daily), and if not, disallow internet usage until it has been. I only want to block NEW connections, RELATED/ESTABLISHED connections are allowed to remain. I would imagine this is basically the technology that hotels/wifi spots use to control access. Does anyone know how to do this with netfilter & iproute2?

Thanks,
Yelledbett

well - i'm not an expert

first : this logic should be trigger by your application finished statement.
and, is this on a separate machines?

let say :
08.00pm application input done -> execute script insert iptables rule to allow NEW connection.
done insertion -> start data transfer
done data transfer -> execute script delete iptables rule that allow NEW connection.

but - i dont think iptables allow a realtime blocking without restarting the whole iptables. maybe same goes to netfilter.

HTH.