Re: limiting access to a port by user?

Glynn Clements (glynn@sensei.co.uk)
Tue, 13 Oct 1998 14:11:18 +0100 (BST)


Brad wrote:

> I'm looking for something like an extra-flexible ipfwadm. Something
> that will, for example, execute a command or ideally prompt for a
> password when someone tries to access (outgoing) a given port. Does such a
> thing exist for Linux?

Not as such. You can use `ipfwadm ... -o' to force certain packets to
be logged. You could then have something monitoring the logs. Or you
could use `ipfwadm ... -r ...' to redirect the packet to a particular
port.

However, you can't always associate a packet with a particular
process. If the socket from which it was sent still exists, then you
can find it by searching /proc/net/{tcp,udp} for the appropriate port.
Unfortunately, if the socket is closed before you get the chance to
look for it (as tends to be the case with DNS queries), then I think
that you're out of luck.

-- 
Glynn Clements <glynn@sensei.co.uk>
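
The /proc/net/tcp lookup described in the reply above, as an added example that is not part of the original message. It assumes the column layout of current Linux kernels (uid and inode columns present) and IPv4 addresses as printed on a little-endian host; the function names and the sample table are constructed for illustration.

```python
import os

# Constructed sample in the /proc/net/tcp layout of current Linux kernels.
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:0019 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 40101 1 0000000000000000 100 0 0 10 0
   1: 0A00000A:C350 0B00000A:0050 01 00000000:00000000 00:00000000 00000000  1000        0 40213 1 0000000000000000 20 4 30 10 -1
"""

def _endpoint(field):
    """Decode 'HEXADDR:HEXPORT' (IPv4, as printed on a little-endian host)."""
    addr_hex, port_hex = field.split(":")
    octets = reversed(bytes.fromhex(addr_hex))
    return ".".join(str(b) for b in octets), int(port_hex, 16)

def sockets_on_port(table, port):
    """Return entries whose local or remote port equals `port`."""
    hits = []
    for line in table.splitlines()[1:]:          # skip the header row
        f = line.split()
        if len(f) < 10:
            continue
        local, remote = _endpoint(f[1]), _endpoint(f[2])
        if port in (local[1], remote[1]):
            hits.append({"local": local, "remote": remote,
                         "uid": int(f[7]), "inode": int(f[9])})
    return hits

def pids_for_inode(inode, proc_root="/proc"):
    """Find processes holding the socket; empty if it is already closed."""
    target = "socket:[%d]" % inode
    pids = []
    for entry in os.listdir(proc_root):
        if not entry.isdigit():
            continue
        fd_dir = os.path.join(proc_root, entry, "fd")
        try:
            for fd in os.listdir(fd_dir):
                if os.readlink(os.path.join(fd_dir, fd)) == target:
                    pids.append(int(entry))
                    break
        except OSError:                          # process exited or not ours
            continue
    return sorted(pids)

if __name__ == "__main__":
    for s in sockets_on_port(SAMPLE, 80):
        print(s, pids_for_inode(s["inode"]))
```

An empty result from either function is the closed-socket case the reply mentions: the entry has already left the table, so a logged packet cannot be tied back to a process.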