[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: filtering by user


Leonardo Boselli a écrit :
I have an host that has 2 NIC:
one with a.b.c.d  a.b.c.e and a.b.c.f
another with i.j.k.l i.j.k.m i.j.n.l and i.j.n.m
I wish that a number of users (that can be made member or not member of a
certain group) would use always i.j.n.m address to connect to outside
world, so i can set iptables on that address in a different way than for
the system and the rest of users.

I don't think this is a good idea because IP addresses are intended to be network-related, not user-related. Instead you may use the 'owner' match to match locally generated packets against a user id or group id.

Reply to: