Hi folks,
I'm a newbie with iptables. I've been reading a few docs, and also netfilter's
mailing list archives.

I need to block certain user(s) access to the net, so that he/she thinks
the internet is down.
I can do this globally without problem, yet with the 'owner' module it
should be pretty easy to achieve what I want since the user will be
using the same machine the iptables rule will be running on (a single
desktop PC). Later on I'll probably add the time patch, but at the moment
I only need to block the access completely.

What I was trying to use is:

iptables -A OUTPUT -m owner --uid-owner 1002 -p tcp -j DROP

from which I get

iptables: Invalid argument

If I run it with verbose output, I get:

DROP tcp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 OWNER UID match 1002
iptables: Invalid argument

Which makes me think that it really understood what I told it, though for
some reason it failed.
The modules have been loaded correctly, ATM I have 'ipt_REJECT, ipt_owner,
iptable_filter, ip_tables' in memory.

It's probably something silly, but I cannot find how to make it work.
Any hints on what's going on here?


--
Javier Marcet <jmarcet@×××××.com>