growlnotify and firewall logs

[Maruk]

Hi all,

I've noticed a few "Stealth Mode connection attempts" (whatever they are) in my firewall log file, and so now I'm trying to get growlnotify to send me each line of the IPFW log file as it happens, so to speak, to alert me when people try to connect to my computer - mostly out of curiosity.

The problem with simply writing

Code: Select all

tail -n 1 -f /var/log/ipfw.log | growlnotify -p 2 -s IPFW ALERT

is that growlnotify expects an End of File mark or something like that (CTRL-D in interactive stdin) before it displays anything, and from tail I get newline characters.

Without the -f flag,

Code: Select all

tail -n 1 /var/log/ipfw.log | growlnotify -p 2 -s IPFW ALERT

simply displays the last line of the log and exits.

Can anyone add any insight to this? Would be much appreciated.

Many thanks in advance,

Maruk

[Maruk]

Ok, I finally have a solution for that problem, in case anyone else wants to try:

The solution was to break the above into several commands using a small python script:

Code: Select all

#! /usr/bin/env python

import sys, os

while True:
   myLine=sys.stdin.readline()
   if myLine != "":
      os.system("growlnotify -p 2 -s IPFW ALERT -m \"" + myLine + "\"")


invoked with

Code: Select all

tail -n 1 -f /var/log/ipfw.log | ./growl.py

and stopped again with CTRL-C.

This creates a sticky bubble for the last line of the IPFW log, and for any line created thereafter.

I hope someone finds this useful.

Maruk