How to passively control if Linux creates a new TCP connection?

Question

How to passively control if Linux creates a new TCP connection?

The easiest way is probably to write a loop to monitor / proc / net / tcp or / proc / net / tcp6. However, it is too inefficient, since I need to get a notification almost immediately. The closest I looked at is inotify, which can provide callbacks in I / O events in any files. The problem is that procfs is not a regular file system and inotify does not support it (at least not for / proc / net / tcp and / proc / net / tcp6).

In addition, I do not want the program to have root privileges to implement this.

EDIT: I removed the user space connection requirement. Also, I hope there is built-in kernel support, such as inotify, that can do this. This may be too intrusive in my case to manipulate iptables.

Anyone have an idea? Thank you !!

+3

android linux callback tcp connection

zack May 04 '12 at 19:30

source share

3 answers

larsks · Answer 1 · 2012-05-04T19:33:08+0000

You can add a registration rule to the local configuration iptables, which will log a message each time a new connection is made, and then make the log file readable by a non-root user. This will provide you with (a) immediate notification of events (you can use inotify to detect write to the file) and (b) the discovery process itself does not need root privileges.

Chris Stratton · Answer 2 · 2012-05-05T01:45:47+0000

, , - . , APN.

, , , , .

, Android , , ( , ).

Markr · Answer 3 · 2012-05-05T22:20:58+0000

, . . (7), , . , .

If connection tracking is enabled, it is possible to receive notifications of new kernel connections using netlink. The API for doing these things is terrible, so consider looking for a program that already does this. I think the binary "conntrack" may be provided with some distributions (I'm not sure what this part is).

How to passively control if Linux creates a new TCP connection?

More articles: