Bulgrien, Kevin
2006-Jan-02 21:46 UTC
RE: How to log and block specific application a ctivity
No, Shorewall supports this. See the rules file. # USER/GROUP This column may only be non-empty if the SOURCE is # the firewall itself. # # The column may contain: # # [!][<user name or number>][:<group name or number>] # # When this column is non-empty, the rule applies only # if the program generating the output is running under # the effective <user> and/or <group> specified (or is # NOT running under that id if "!" is given). # # Examples: # # joe #program must be run by joe # :kids #program must be run by a member of # #the ''kids'' group # !:kids #program must not be run by a member # #of the ''kids'' group -----Original Message----- From: shorewall-users-admin@lists.sourceforge.net [mailto:shorewall-users-admin@lists.sourceforge.net] On Behalf Of Gary E. Terry Sent: Monday, January 02, 2006 3:42 PM To: shorewall-users@lists.sourceforge.net Subject: Re: [Shorewall-users] How to log and block specific application a ctivity Still the EGID and EUID blocking you are talking about are specific to a windows firewall? aren''t they? ------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click
Gary E. Terry
2006-Jan-02 21:51 UTC
Re: How to log and block specific application a ctivity
Allrightythen.... ----- Original Message ----- From: "Bulgrien, Kevin" <Kevin.Bulgrien@GDSATCOM.com> To: <shorewall-users@lists.sourceforge.net> Sent: Monday, January 02, 2006 4:46 PM Subject: RE: [Shorewall-users] How to log and block specific application a ctivity> No, Shorewall supports this. See the rules file. > > # USER/GROUP This column may only be non-empty if the SOURCE is > # the firewall itself. > # > # The column may contain: > # > # [!][<user name or number>][:<group name or > number>] > # > # When this column is non-empty, the rule applies > only > # if the program generating the output is running > under > # the effective <user> and/or <group> specified (or > is > # NOT running under that id if "!" is given). > # > # Examples: > # > # joe #program must be run by joe > # :kids #program must be run by a member > of > # #the ''kids'' group > # !:kids #program must not be run by a > member > # #of the ''kids'' group > > -----Original Message----- > From: shorewall-users-admin@lists.sourceforge.net > [mailto:shorewall-users-admin@lists.sourceforge.net] On Behalf Of Gary E. > Terry > Sent: Monday, January 02, 2006 3:42 PM > To: shorewall-users@lists.sourceforge.net > Subject: Re: [Shorewall-users] How to log and block specific application a > ctivity > > Still the EGID and EUID blocking you are talking about are > specific to a windows firewall? aren''t they? > > > ------------------------------------------------------- > This SF.net email is sponsored by: Splunk Inc. Do you grep through log > files > for problems? Stop! Download the new AJAX search engine that makes > searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! > http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click > _______________________________________________ > Shorewall-users mailing list > Shorewall-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/shorewall-users------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click