Running IPTables as non-root user?

To: "debian-firewall@lists.debian.org" <debian-firewall@lists.debian.org>
Subject: Running IPTables as non-root user?
From: breno.moiana@partekforest.com
Date: Fri, 25 Jul 2003 11:23:04 -0300
Message-id: <[🔎] OF632D73FE.208F2641-ON03256D6E.004A25E4-03256D6E.004F045A@partekcorp.com>

Greetings!
I have a remote site where there are no IT people to take care of things.
Sometimes there is need to access their machines through VNC or PCAnywhere.
However, I don't want the doors to be left opened at all times. I have a bash
script which, when ran as root, opens the door, and when done, it closes it
again. My problem is that it *must* be ran as root, AFAIK.
I would like to have an ordinary user to be created and give him only power
enough to run IPTables. It would work like this:
When the user logs in, (either locally or through SSH), a bash script is ran
which allows him to select, from a menu, what service he wants to activate. When
he is done, he deactivates the service and logs off. The user wouldn't even see
the prompt.

I would like to do that with an user other than root. The problem is to allow
this user to alter iptables rules. Is it possible?

Regards,

Breno Moiana
-------------------------------------------------------------
"Science is organized knowledge. Wisdom is organized life."

"Ciência é conhecimento organizado. Sabedoria é vida organizada."
    -- Immanuel Kant

Reply to:

Follow-Ups:
- Re: Running IPTables as non-root user?
  - From: Jim Penny <jpenny@universal-fasteners.com>
- Re: Running IPTables as non-root user?
  - From: Matthew Palmer <mpalmer@debian.org>

Prev by Date: Re: ipchains/ip_conntrack/kernel 2.4
Next by Date: Re: Running IPTables as non-root user?
Previous by thread: Re: ipchains/ip_conntrack/kernel 2.4
Next by thread: Re: Running IPTables as non-root user?
Index(es):
- Date
- Thread