LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 01-15-2004, 05:44 AM   #1
Zoidy
LQ Newbie
 
Registered: Jul 2003
Location: Germany
Distribution: Kubuntu / Xubuntu (Gutsy)
Posts: 12

Rep: Reputation: 0
Trigger script by message in /var/log/messages?


Hi

main question
I want to start a certain script every time a certain message appears in var/log/messages . Is there a more elegant way to do this than with tail -f and grep ?
Maybe a prog that monitors the kernel messages and can start/stop other programs or scripts?

background information
I would like to do this for reconfiguring my firewall. I use CIPE to establish a VPN with a friend of mine. Since we both have dyn IPs I can only open the CIPE port for all source IPs before the connection is established (since I donīt know his IP before, because I canīt be sure that his dyndns.org account has been already updated).
I want to close this port for all source IPs except his after the connection is established (being a little paranoid ... but it would help to get rid of a lot of ugly messages too).
My idea is: when the connection is established the message "new peer" appears in /var/log/messages, when the connection goes down, I get a "peer down". These messages should trigger a script that changes my iptables rules to fit the situation. Any other suggestions are of course welcome.

THX for any tips in advance
 
Old 01-15-2004, 10:24 AM   #2
J_Szucs
Senior Member
 
Registered: Nov 2001
Location: Budapest, Hungary
Distribution: SuSE 6.4-11.3, Dsl linux, FreeBSD 4.3-6.2, Mandrake 8.2, Redhat, UHU, Debian Etch
Posts: 1,126

Rep: Reputation: 58
It is much simpler (if you are not maximalist), to restrict access to that port to the dynamic IP addresses your friend used to get from his ISP.

Just grep out those IP addresses from /var/log/messages, and specify the corresponding IP address range on the firewall.

This is what I do in the same case.
 
Old 01-15-2004, 05:34 PM   #3
Zoidy
LQ Newbie
 
Registered: Jul 2003
Location: Germany
Distribution: Kubuntu / Xubuntu (Gutsy)
Posts: 12

Original Poster
Rep: Reputation: 0
THX for that suggestion! That would make it better and I will definatly use this to limit the initial hole in the firewall. But I use a quite big ISP, so I probably would have to use a quite big range (in fact there are at least 2 IP ranges) ...
Seems I am maximalist

And the possibility to start/stop programs depending on a certain kernel message could be usefull for other cases too
 
Old 01-17-2004, 01:03 AM   #4
J_Szucs
Senior Member
 
Registered: Nov 2001
Location: Budapest, Hungary
Distribution: SuSE 6.4-11.3, Dsl linux, FreeBSD 4.3-6.2, Mandrake 8.2, Redhat, UHU, Debian Etch
Posts: 1,126

Rep: Reputation: 58
What if he would send you e.g. a mail with his IP address immediately before connection?
That would require a script on his side.
But then you could catch that mail with procmail on the fly.

It would be more advantageous to send that mail BEFORE the connection is made, since then you could keep that port closed for anyone, and only open it when you receive his mail with his IP address.

Last edited by J_Szucs; 01-21-2004 at 11:24 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Redirecting the kernel messages to file other than /var/log/messages jyotika_b83 Linux - General 3 04-28-2005 07:39 PM
cron 'test' message in my /var/log/messages file visaris Linux - Newbie 1 12-13-2004 05:03 PM
/var/log/messages full of these messages. Should I be concerned? mdavis Linux - Security 5 04-16-2004 11:08 AM
Odd recurring message in /var/log/messages tarballedtux Linux - General 4 05-21-2003 09:28 PM
Recurring inetd error message in /var/log/messages jkcunningham Linux - Networking 6 08-27-2002 09:00 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 04:46 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration