Milter-greylist

Jim Klimov <jimklimov@...> wrote:

> I thought that maybe "netstat -an" relies on some standard API
> to list the kernel's established TCP sessions on various OSes.

There is no such standard API, unfortunately. Older system peek at
kernel internals through /dev/kmem. Modern systems use sysctl, but the
data format is not standardized.

> Forking an executable for each connection would of course be an
> overkill. At most - make a netstat daemon (or thread) and query
> it with a pipe ;)

Your netstat is able to loop reporting information? Mine does not. 

> Given your reply above, I think for many intents and purposes
> the single value defined by admin in a config file would do.

Yes, localaddr is the least resistance path to solving the problem, IMO.

-- 
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu@...