my idea is to add some rules to iptables eg iptables -A INPUT -p tcp --dport 1985 -j LOG --prefix "key port 1:" iptables -A INPUT -p tcp --dport 1985 -j DROP
iptables -A INPUT -p tcp --dport 12731 -j LOG --prefix "key port 2:" iptables -A INPUT -p tcp --dport 12731 -j DROP iptables -A INPUT -p tcp --dport 200312 -j LOG --prefix "key port 3:" iptables -A INPUT -p tcp --dport 200312 -j DROP iptables -A INPUT -p tcp --dport 436093 -j LOG --prefix "key port 4:" iptables -A INPUT -p tcp --dport 436093 -j DROP iptables -A INPUT -p tcp --dport 1 -j LOG --prefix "key port 5:" iptables -A INPUT -p tcp --dport 1 -j DROP iptables -A INPUT -p tcp --dport 1123123 -j LOG --prefix "key port 6:" iptables -A INPUT -p tcp --dport 1123123 -j DROP so you get: 1. ports are DROPED everytime you try to access them (you can set the drop rule to something else (reply with reset or sth) 2. you have log entries like key port 2: SRC=xxx.xxx.xxx.xxx etc. so you just use bash/awk/grep/perl to find the sequence in order from the ip and open/close the port as you wish if you need i could write such scripts and send it to the group/to you Geetings, Kuba BIGHard Jakubik jid: [EMAIL PROTECTED]
