| 1 |
Hi folks, |
| 2 |
I'm a newbie with iptables. I've reading a few docs, and also netfilter's |
| 3 |
mailing list archives. |
| 4 |
|
| 5 |
I need to block certain user(s) access to the net, so that he/she thinks |
| 6 |
the internet is down. |
| 7 |
I can do this globally without problem, yet with the 'owner' module it |
| 8 |
should be pretty easy to achieve what I want since the user will be |
| 9 |
using the same machine the iptables rule will be running on (a single |
| 10 |
desktop PC). Later on I probably add the time patch, but at the moment |
| 11 |
I only need to block completely the access. |
| 12 |
|
| 13 |
What I was trying to use is: |
| 14 |
|
| 15 |
iptables -A OUTPUT -m owner --uid-owner 1002 -p tcp -j DROP |
| 16 |
|
| 17 |
from what I get |
| 18 |
|
| 19 |
iptables: Invalid argument |
| 20 |
|
| 21 |
If I run it with verbose output, I get: |
| 22 |
|
| 23 |
DROP tcp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 OWNER UID match 1002 |
| 24 |
iptables: Invalid argument |
| 25 |
|
| 26 |
What makes me think that it really understood what I told it, though for |
| 27 |
some reason it failed. |
| 28 |
The modules have been loaded correctly, ATM I have 'ipt_REJECT, ipt_owner, |
| 29 |
iptable_filter, ip_tables' in memory. |
| 30 |
|
| 31 |
It's probably something silly, but I cannot find how to make it work. |
| 32 |
Any hints on wthat's going on here? |
| 33 |
|
| 34 |
|
| 35 |
-- |
| 36 |
Javier Marcet <jmarcet@×××××.com> |
Archives