Re: filtering by user
Leonardo Boselli a écrit :
I have an host that has 2 NIC:
one with a.b.c.d a.b.c.e and a.b.c.f
another with i.j.k.l i.j.k.m i.j.n.l and i.j.n.m
I wish that a number of users (that can be made member or not member of a
certain group) would use always i.j.n.m address to connect to outside
world, so i can set iptables on that address in a different way than for
the system and the rest of users.
I don't think this is a good idea because IP addresses are intended to
be network-related, not user-related. Instead you may use the 'owner'
match to match locally generated packets against a user id or group id.