From mboxrd@z Thu Jan  1 00:00:00 1970
From: "Martin A. Brown"
Date: Thu, 01 May 2003 03:24:11 +0000
Subject: Re: [LARTC] Restrict access to certain ips.
Message-Id:
List-Id:
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
To: lartc@vger.kernel.org

Thilo,

Did you ever receive an answer on this question?  Also--a question of
clarification....

Do you mean that only UID 1001 should be allowed to bind to 192.168.1.11
for outbound packets?  If so, then, why not try this:

  iptables -I OUTPUT -o $OUTDEV -m owner ! --uid-owner 1001 -j DROP

Is that what you wished to accomplish?

-Martin

 : Hello,
 :
 : I have a machine with several ips. My goal is to only allow access to one ip
 : for a certain user. for example 192.168.1.11 may only be used by UID 1001
 :
 : I have found in the man page for bind following errno numeric:
 : > EACCES The address is protected, and the user is not the super-user.
 :
 : Is it possible to restrict access to certain ips to certain uids?
 :
 : - Thilo Schulz
 : _______________________________________________
 : LARTC mailing list / LARTC@mailman.ds9a.nl
 : http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
 :

-- 
Martin A. Brown --- SecurePipe, Inc. --- mabrown@securepipe.com
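An added example, not part of the original thread: a variant of the owner-match rule that is scoped to the source address from the question (`-s 192.168.1.11`) instead of the outbound interface, so other addresses on the host are unaffected. The function names and the `DRY_RUN` variable are hypothetical; the script assumes an iptables with the `owner` match and the `-C` (check) option.

```shell
#!/bin/sh
# Added example (not from the original thread). Drops locally generated
# packets sourced from one address unless the sending socket belongs to one
# UID. DRY_RUN=1 (the default here) prints the command instead of running it.

# valid_ipv4 ADDR: succeed if ADDR is a dotted quad with each octet 0-255.
valid_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                      # split on dots into positional parameters
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# owner_rule ADDR UID: print the rule spec (everything after the chain name).
owner_rule() {
    valid_ipv4 "$1" || { echo "bad IPv4 address: $1" >&2; return 1; }
    case "$2" in
        ''|*[!0-9]*) echo "UID must be numeric: $2" >&2; return 1 ;;
    esac
    printf '%s\n' "-s $1 -m owner ! --uid-owner $2 -j DROP"
}

# restrict_src_to_uid ADDR UID: insert the rule once, or print it in dry-run.
restrict_src_to_uid() {
    spec=$(owner_rule "$1" "$2") || return 1
    if [ "${DRY_RUN:-1}" = 1 ]; then
        echo "iptables -I OUTPUT $spec"
        return 0
    fi
    # -C checks for an identical rule, so re-running does not stack duplicates.
    iptables -C OUTPUT $spec 2>/dev/null || iptables -I OUTPUT $spec
}
```

The `owner` match is only valid in the OUTPUT and POSTROUTING chains, so the rule covers packets generated on the host itself, not forwarded traffic. Run with `DRY_RUN=0` as root to apply the rule.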