Re: Restricting IP to shell users

To: debian-user@lists.debian.org
Subject: Re: Restricting IP to shell users
From: Jason Healy <jhealy+debian-user@logn.net>
Date: Thu, 12 Sep 2002 09:28:44 -0400
Message-id: <[🔎] 20020912132844.GA15541@logn.net>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] 200209120858.g8C8wDP10226@mail.ans.com.au>
References: <[🔎] 200209120858.g8C8wDP10226@mail.ans.com.au>

At 1031875063s since epoch (09/12/02 04:57:43 -0400 UTC), Dathi Oxencroft wrote:
> The immediate goal is to bind user X's processes to Y IP. Additionally
> allowing user X to only login via Y IP would be an advantage, but not an
> issue at this stage.

It sounds like you want the ipt_owner module of iptables.  Check the
FAQ at:

http://www.netfilter.org/documentation/HOWTO/packet-filtering-HOWTO-7.html

and search for the "owner" matching rules (--uid-owner).  Using this
rule, you should be able to route packets origniated by a specific
user out on a specific interface.

Jason

-- 
Jason Healy
http://www.logn.net/

Reply to:

References:
- Re: Restricting IP to shell users
  - From: Dathi Oxencroft <dathi@appello.net>

Prev by Date: Re: idebus=xx and lilo
Next by Date: Re: connect 2 computers with USB
Previous by thread: Re: Restricting IP to shell users
Next by thread: DOS on non-x86 systems?
Index(es):
- Date
- Thread