* Re: using iptables by normal user - not gui
2005-11-24 16:21 using iptables by normal user - not gui Daniel Chojecki
@ 2005-11-24 15:59 ` Edmundo Carmona
2005-11-24 17:52 ` Georgi Alexandrov
2005-11-24 21:14 ` R. DuFresne
2005-11-25 11:23 ` Bhavatosh
2 siblings, 1 reply; 7+ messages in thread
From: Edmundo Carmona @ 2005-11-24 15:59 UTC (permalink / raw)
To: netfilter
have you checked doing it with sudo? I think you can set what user can
execute a given command (iptables in this case).
On 11/24/05, Daniel Chojecki <boka@piekna.pl> wrote:
> Hi,
>
> i would like to give access to iptables to one user in my system.
>
> Is it possible and how to setup my system to allow it ?
>
> --
> greetz
> boka
>
>
>
^ permalink raw reply [flat|nested] 7+ messages in thread
* using iptables by normal user - not gui
@ 2005-11-24 16:21 Daniel Chojecki
2005-11-24 15:59 ` Edmundo Carmona
` (2 more replies)
0 siblings, 3 replies; 7+ messages in thread
From: Daniel Chojecki @ 2005-11-24 16:21 UTC (permalink / raw)
To: netfilter
Hi,
i would like to give access to iptables to one user in my system.
Is it possible and how to setup my system to allow it ?
--
greetz
boka
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: using iptables by normal user - not gui
2005-11-24 15:59 ` Edmundo Carmona
@ 2005-11-24 17:52 ` Georgi Alexandrov
0 siblings, 0 replies; 7+ messages in thread
From: Georgi Alexandrov @ 2005-11-24 17:52 UTC (permalink / raw)
To: netfilter
Edmundo Carmona wrote:
>have you checked doing it with sudo? I think you can set what user can
>execute a given command (iptables in this case).
>
>On 11/24/05, Daniel Chojecki <boka@piekna.pl> wrote:
>
>
>>Hi,
>>
>>i would like to give access to iptables to one user in my system.
>>
>>Is it possible and how to setup my system to allow it ?
>>
>>
>>
man 5 sudoers
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: using iptables by normal user - not gui
2005-11-24 16:21 using iptables by normal user - not gui Daniel Chojecki
2005-11-24 15:59 ` Edmundo Carmona
@ 2005-11-24 21:14 ` R. DuFresne
2005-11-25 2:36 ` Thomas Kuiper
2005-11-25 11:23 ` Bhavatosh
2 siblings, 1 reply; 7+ messages in thread
From: R. DuFresne @ 2005-11-24 21:14 UTC (permalink / raw)
To: Daniel Chojecki; +Cc: netfilter
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Thu, 24 Nov 2005, Daniel Chojecki wrote:
> Hi,
>
> i would like to give access to iptables to one user in my system.
>
> Is it possible and how to setup my system to allow it ?
you sure can give away the farm if you wish, either hand-off the root
password or setup sudo. Is this a wise thing to do, in most cases, no...
Thanks,
Ron DuFresne
- --
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
admin & senior security consultant: sysinfo.com
http://sysinfo.com
Key fingerprint = 9401 4B13 B918 164C 647A E838 B2DF AFCC 94B0 6629
...We waste time looking for the perfect lover
instead of creating the perfect love.
-Tom Robbins <Still Life With Woodpecker>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFDhi02st+vzJSwZikRAqPpAJ9jNZqW8cgN3EQgi7/7j0apgdytcwCfelrP
Vfpm5zr8Sks8V1C/TvEX3L4=
=llxA
-----END PGP SIGNATURE-----
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: using iptables by normal user - not gui
2005-11-24 21:14 ` R. DuFresne
@ 2005-11-25 2:36 ` Thomas Kuiper
0 siblings, 0 replies; 7+ messages in thread
From: Thomas Kuiper @ 2005-11-25 2:36 UTC (permalink / raw)
To: netfilter
Hi,
out of pure curiousity, why would you like to give a _user_ access to
iptables? You give him access to "manipulate" everything.
Thomas
Daniel Chojecki wrote:
> Hi,
>
> i would like to give access to iptables to one user in my system.
>
> Is it possible and how to setup my system to allow it ?
>
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: using iptables by normal user - not gui
2005-11-24 16:21 using iptables by normal user - not gui Daniel Chojecki
2005-11-24 15:59 ` Edmundo Carmona
2005-11-24 21:14 ` R. DuFresne
@ 2005-11-25 11:23 ` Bhavatosh
2005-11-26 14:13 ` Chris Brenton
2 siblings, 1 reply; 7+ messages in thread
From: Bhavatosh @ 2005-11-25 11:23 UTC (permalink / raw)
To: Daniel Chojecki; +Cc: nnampoothiri, netfilter
On Thu, 2005-11-24 at 17:21 +0100, Daniel Chojecki wrote:
> Hi,
>
> i would like to give access to iptables to one user in my system.
>
> Is it possible and how to setup my system to allow it ?
>
Try sudo utility.You can give access of iptables to Normal user.
Regards,
Bhavatosh
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: using iptables by normal user - not gui
2005-11-25 11:23 ` Bhavatosh
@ 2005-11-26 14:13 ` Chris Brenton
0 siblings, 0 replies; 7+ messages in thread
From: Chris Brenton @ 2005-11-26 14:13 UTC (permalink / raw)
To: netfilter
On Fri, 2005-11-25 at 16:53 +0530, Bhavatosh wrote:
> On Thu, 2005-11-24 at 17:21 +0100, Daniel Chojecki wrote:
> >
> > i would like to give access to iptables to one user in my system.
> >
> > Is it possible and how to setup my system to allow it ?
>
> Try sudo utility.You can give access of iptables to Normal user.
Agreed. I wrote up a paper on how to set this up a while back. Info is
here:
http://www.loganalysis.org/sections/parsing/application-specific/firewall-logging.html
HTH,
Chris
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2005-11-26 14:13 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2005-11-24 16:21 using iptables by normal user - not gui Daniel Chojecki
2005-11-24 15:59 ` Edmundo Carmona
2005-11-24 17:52 ` Georgi Alexandrov
2005-11-24 21:14 ` R. DuFresne
2005-11-25 2:36 ` Thomas Kuiper
2005-11-25 11:23 ` Bhavatosh
2005-11-26 14:13 ` Chris Brenton
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.