Re: Modifying Routing Tables on the fly
Ian Perry <iperry@ram.net.au> writes:
> I am trying to modify a route table dependant on which user logs in through
> a dial-up connection.
> viz: route add 192.168.1.1 eth0
>
> I have already got
>
> route add -net 192.168.0.0 netmask 255.255.0.0 lo
> to stop other users getting to the local network (other than what they are
> supposed to)
>
> I have set up the user's login shell to run the file to add the route and
> ip-down to remove the route.
>
> I get the error message:
>
> SIOCADDRT : Operation not permitted.
>
> I gather this is because the user is not root.
>
> Is there a way to safely change the routing table dependant on who logs in
> ?
Make the script some kind of suid (I think it is best to write the
script in perl).
But the kernel routing table is global for the computer, so does this
do what you intend? If it sets global routing, then why don´t you
include it in your startup scripts? If the user logs on, every other
account is not able to access what you denied either...
(I don´t know if I´m right, as I really don´t know how the kernel
routing table is implemented, so please try...)
Jens
---
Jens.Ritter@weh.rwth-aachen.de grimaldi@debian.org
Key ID: 2048/E451C639 Jens Ritter
Key fingerprint: 5F 3D 43 1E 24 1E CC 48 1E 05 93 3A A7 10 73 37
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-user-request@lists.debian.org .
Trouble? e-mail to templin@bucknell.edu .
Reply to: