Shorewall users - Oct 2009 - Fwd: iptables: modules like owner.

Simple question, how do I use "owner UID match" as part of my rules or
macros?  I see the location in rules for this information but the
format is not documented.

I''m currently running firehol and trying to map my configuration to
shorewall, I don''t have shorewall installed(no version installed) or
any shorewall configuration(no output from an uninstalled shorewall).

Firehol lacks V6 support and bringing up a V6 tunnel provides access
to my private web-server to even V4 hosts, nice.  As Firehol has not
had an update in a vary long time I''ve decided to switch software.

There are several users(read as daemons) that I don''t want transparent
cache, this is part of the firehol config:
# Run a transparent cache?
SQUID_PORT="3128"               # Leave empty to disable SQUID
# Users to be excluded from the cache
SQUID_USERS="debian-tor privoxy proxy apt-p2p"
SQUID_EXCLUDE="1.1.1.1"         # Web Server IPs to be excluded from
the cache

# Setup a transparent squid, only if SQUID_PORT is set.
if [ ! -z "${SQUID_PORT}" ]
then
       transparent_squid "${SQUID_PORT}" "${SQUID_USERS}"  
   \
         inface "${HOME_MYIF}" src "${HOME_LAN}"            
  \
         dst not "${SQUID_EXCLUDE} ${PRIVATE_IPS}"
fi

# Output
Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
out_trproxy.1  tcp  --  0.0.0.0/0            0.0.0.0/0           tcp
spts:32768:61000 dpt:80

Chain out_trproxy.1 (1 references)
target     prot opt source               destination
RETURN     all  --  0.0.0.0/0            1.1.1.1
RETURN     all  --  0.0.0.0/0            10.0.0.0/8
RETURN     all  --  0.0.0.0/0            169.254.0.0/16
RETURN     all  --  0.0.0.0/0            172.16.0.0/12
RETURN     all  --  0.0.0.0/0            192.0.2.0/24
RETURN     all  --  0.0.0.0/0            192.88.99.0/24
RETURN     all  --  0.0.0.0/0            192.168.0.0/16
RETURN     all  --  0.0.0.0/0            0.0.0.0/0           owner UID
match 124
RETURN     all  --  0.0.0.0/0            0.0.0.0/0           owner UID
match 123
RETURN     all  --  0.0.0.0/0            0.0.0.0/0           owner UID match 13
RETURN     all  --  0.0.0.0/0            0.0.0.0/0           owner UID
match 122
RETURN     all  --  0.0.0.0/0            127.0.0.1
REDIRECT   tcp  --  0.0.0.0/0            0.0.0.0/0           redir ports 3128


What would you suggest I type in the shorewall config file to make these rules?

------------------------------------------------------------------------------
Come build with us! The BlackBerry(R) Developer Conference in SF, CA
is the only developer event you need to attend this year. Jumpstart your
developing skills, take BlackBerry mobile applications to market and stay 
ahead of the curve. Join us from November 9 - 12, 2009. Register now!
http://p.sf.net/sfu/devconference

Mike Mestnik wrote:
> Simple question, how do I use "owner UID match" as part of my
rules or
> macros?  I see the location in rules for this information but the
> format is not documented.
>
At a shell prompt, type ''man shorewall-rules'' or go to
http://www.shorewall.net/manpages/shorewall-rules.html

-Tom
-- 
Tom Eastep        \ When I die, I want to go like my Grandfather who
Shoreline,         \ died peacefully in his sleep. Not screaming like
Washington, USA     \ all of the passengers in his car
http://shorewall.net \________________________________________________



------------------------------------------------------------------------------
Come build with us! The BlackBerry(R) Developer Conference in SF, CA
is the only developer event you need to attend this year. Jumpstart your
developing skills, take BlackBerry mobile applications to market and stay 
ahead of the curve. Join us from November 9 - 12, 2009. Register now!
http://p.sf.net/sfu/devconference