I'm wanting to be able to run a system command when an IPTable rule is hit, passing the IP address of the remote device to it.
I've had a look around but found nothing. I thought of grepping logs, but I'm expecting a lot of traffic.
Any help would be fantastic!
(If it helps, Ubuntu Linux is my platform of choice)
Here is how you do it:
iptables -I FORWARD -p tcp --dport 80 -d a.b.c.d -j LOG --log-prefix='TRIGGER ME NOW !!!'
tail -f some-logfile | awk '/some-pattern/ {system("run-some-command")}'
Should be straightforward enough and should be able to deal with lots of traffic; the tail command should be quick enough... Just make sure the file doesn't grow too much.
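
An added example, not part of the original answer: the same log-following idea, extended to pass the packet's source address to the command as the question asks. It assumes the kernel's LOG line carries the address in a `SRC=` field and that stdin holds kernel log lines only; the handler command is a placeholder, and a shell read loop replaces awk's system() so the address is passed as an argument rather than inside a shell command string.

```shell
#!/bin/sh
# Added example: PREFIX is the --log-prefix from the answer; the handler
# passed to run_on_hit is a hypothetical placeholder command.
PREFIX='TRIGGER ME NOW !!!'

# valid_ipv4 ADDR: succeed only for a dotted quad with octets 0-255.
valid_ipv4() {
    case $1 in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        [ ${#o} -le 3 ] && [ "$o" -le 255 ] || return 1
    done
}

# src_of LINE: print the SRC= address of a LOG line carrying PREFIX,
# or fail if the line does not match or the address is not valid IPv4.
src_of() {
    case $1 in *"$PREFIX"*" SRC="*) ;; *) return 1 ;; esac
    ip=${1#*"$PREFIX"}; ip=${ip#*" SRC="}; ip=${ip%% *}
    valid_ipv4 "$ip" && printf '%s\n' "$ip"
}

# run_on_hit CMD [ARGS...]: read log lines on stdin and run CMD once per
# new source address. The address is passed as its own argument, never
# spliced into a shell string, and CMD cannot consume the log stream.
run_on_hit() {
    seen=' '
    while IFS= read -r line; do
        ip=$(src_of "$line") || continue
        case $seen in *" $ip "*) continue ;; esac
        seen="$seen$ip "
        "$@" "$ip" </dev/null
    done
}

# Constructed sample lines in the kernel LOG format (documentation addresses).
run_on_hit echo "would handle" <<'EOF'
Jan  1 12:00:00 gw kernel: [100.000001] TRIGGER ME NOW !!!IN=eth0 OUT=eth1 SRC=203.0.113.7 DST=192.0.2.10 LEN=60 PROTO=TCP SPT=51514 DPT=80
Jan  1 12:00:01 gw kernel: [100.500000] TRIGGER ME NOW !!!IN=eth0 OUT=eth1 SRC=203.0.113.7 DST=192.0.2.10 LEN=60 PROTO=TCP SPT=51515 DPT=80
EOF
```

For live use, replace the sample block with the followed log from the answer, for example `tail -f some-logfile | run_on_hit /path/to/handler`, where the handler path is a placeholder.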