Thilo,
Did you ever receive an answer on this question?
Also--a question of clarification....
Do you mean that only UID 1001 should be allowed to bind to 192.168.1.11
for outbound packets?
If so, then, why not try this:
iptables -I OUTPUT -o $OUTDEV -m owner ! --uid-owner 1001 -j DROP
Is that what you wished to accomplish?
-Martin
: Hello,
:
: I have a machine with several ips. My goal is to only allow access to one ip
: for a certain user. for example 192.168.1.11 may only be used by UID 1001
:
: I have found in the man page for bind following errno numeric:
: > EACCES The address is protected, and the user is not the super-user.
:
: Is it possible to restrict access to certain ips to certain uids?
:
: - Thilo Schulz
: _______________________________________________
: LARTC mailing list / LARTC@mailman.ds9a.nl
: http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
:
--
Martin A. Brown --- SecurePipe, Inc. --- mabrown@securepipe.com
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/