Find a 'hook' for iptables changes on the UDMP that trigger the update to he-ipv6 so that a cron job is no longer needed #2
Labels
Comments
telnetdoogie
added
enhancement
|
Was curious about this, it seemed like maybe ebpf or auditd would work, but auditd isnt in the kernel on my UDMP.. |
|
Doing some research, it's possible something like the following could monitor the interface(s): monitor: change.sh: #!/bin/bash
if [[ $@ == *"UP"* ]]; then
echo $@
echo "Looks like an interface came up!"
echo ""
elif [[ $@ == *"DOWN"* ]]; then
echo $@
echo "Looks like an interface went down!"
echo ""
fi...but some research would have to be done on what type of events would trigger a re-evaluation and potential re-setup of the ipv6 connection |
|
I may spend more time on this to see if [RULE] events come from the change in firewall when things are modified in the UI, but this is pretty low on my priority list... |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Perhaps someone can find an event on the UDMP that is triggered when iptables are refreshed so that he-ipv6 chains can be restored / regenerated (or perhaps there's a way to inject that interface to be addressed for changes as well as eth8/eth9 when the changes happen, so it's much better integrated and no 'trigger' / artificial update is needed at all)
The text was updated successfully, but these errors were encountered: