  1. #1
    Just Joined!
    Join Date
    Oct 2007
    Posts
    3

    Linux Routing modifications?


    Does anyone know how you can insert logic into the routing decisions the kernel makes? This is the basic question I am trying to answer.

    My situation goes like this: I want to confirm that a web application has been filled out properly daily (This is to be used in a medical webapp situation where it is important the user is filling in proper medical information daily), and if not, disallow internet usage until it has been. I only want to block NEW connections, RELATED/ESTABLISHED connections are allowed to remain. I would imagine this is basically the technology that hotels/wifi spots use to control access. Does anyone know how to do this with netfilter & iproute2?

    Thanks,
    Yelledbett

  2. #2
    Just Joined!
    Join Date
    Sep 2007
    Posts
    4
    Quote Originally Posted by yelledbett View Post
    Does anyone know how you can insert logic into the routing decisions the kernel makes? This is the basic question I am trying to answer.

    My situation goes like this: I want to confirm that a web application has been filled out properly daily (This is to be used in a medical webapp situation where it is important the user is filling in proper medical information daily), and if not, disallow internet usage until it has been. I only want to block NEW connections, RELATED/ESTABLISHED connections are allowed to remain. I would imagine this is basically the technology that hotels/wifi spots use to control access. Does anyone know how to do this with netfilter & iproute2?

    Thanks,
    Yelledbett
    Well - I'm not an expert.

    First: this logic should be triggered by your application's finished statement.
    And is this on a separate machine?

    Let's say:
    08.00pm application input done -> execute script to insert iptables rule to allow NEW connections.
    done insertion -> start data transfer
    done data transfer -> execute script to delete iptables rule that allows NEW connections.

    But I don't think iptables allows real-time blocking without restarting the whole iptables. Maybe the same goes for netfilter.

    HTH.
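
An added example, not part of either post and not the posters' code: the insert/delete procedure sketched in the reply above, written as a shell script that keeps RELATED/ESTABLISHED traffic flowing while gating NEW connections per client. `iptables -I` and `-D` act on the live ruleset as soon as the command returns. The chain name `GATE`, the client address and the flag file are assumptions, and the script assumes this host forwards the clients' traffic.

```shell
#!/bin/sh
# Added example, not from the thread. Assumptions: this host forwards the
# clients' traffic; chain name GATE, the client address and the flag file
# are hypothetical. DRY_RUN=1 (default) prints commands instead of running.
DRY_RUN="${DRY_RUN:-1}"
CHAIN="GATE"

ipt() {
    if [ "$DRY_RUN" = 1 ]; then echo "iptables $*"; else iptables "$@"; fi
}

# One-time setup: existing flows always pass; NEW flows are sent to GATE,
# which rejects everything that no per-client rule has accepted.
gate_setup() {
    ipt -N "$CHAIN"
    ipt -A "$CHAIN" -j REJECT
    ipt -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    ipt -A FORWARD -m conntrack --ctstate NEW -j "$CHAIN"
}

# Accept only a plain dotted-quad address as a rule argument.
valid_ip() {
    case "$1" in ''|*[!0-9.]*) return 1 ;; esac
    echo "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$'
}

# Form not filled in (or daily reset): drop the client's allowance.
# Established flows keep working through the FORWARD rule above.
gate_block() {
    valid_ip "$1" || return 2
    ipt -D "$CHAIN" -s "$1" -j ACCEPT 2>/dev/null || true
}

# Form filled in: allow NEW connections from this client. Deleting first
# keeps repeated calls from stacking duplicate rules.
gate_allow() {
    gate_block "$1" || return 2
    ipt -I "$CHAIN" 1 -s "$1" -j ACCEPT
}

# Apply the state recorded by the web application's flag file.
gate_sync() {   # usage: gate_sync <client-ip> <flag-file>
    if [ -f "$2" ]; then gate_allow "$1"; else gate_block "$1"; fi
}
```

Run with `DRY_RUN=0` as root to apply the rules; if the web application is served from a different host than this gateway, it needs its own ACCEPT rule ahead of the jump to `GATE` so blocked clients can still reach the form.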
