On 02/28/2018 04:47 PM, Grant Taylor wrote:
> I know that iptables can filter based on a process owner and cgroup. So,
> depending on how the applications are running, you might be able to come
> close to what you're after.

You might be able to punt (metadata about) packets into a user space
program that can then make decisions based on additional information.
I.e. what process owns the originating / terminating socket, and ACCEPT
/ DROP / REJECT packets based on that.

I've never heard of such, but I see how it could work. E.g. DROP /
REJECT packets by default, and ACCEPT any packets that have a paternal
process tied to the /usr/bin/thunderbird file.



-- 
Grant. . . .
unix || die
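As an added illustration of the user-space decision step described in this message (example code, not from the thread or from any existing tool), the Python below resolves a packet's local address and port to the owning socket's inode via /proc/net/tcp and then to an executable path, returning ACCEPT only for an allowlisted program and DROP otherwise. The kernel-side hook that would hand over packet metadata (e.g. NFQUEUE) and the inode-to-executable map normally built from /proc/<pid>/fd are assumed; both inputs here are constructed sample data.

```python
"""User-space verdict logic: DROP by default, ACCEPT only for packets whose
owning socket belongs to an allowlisted executable. The kernel-side hook
that punts packet metadata here (e.g. NFQUEUE) is assumed, not shown."""
import ipaddress
import struct

ALLOWED_EXES = {"/usr/bin/thunderbird"}

# Constructed sample of /proc/net/tcp (two sockets owned by uid 1000).
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:1F90 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 12345 1 0000000000000000 100 0 0 10 0
   1: 0A00020F:A8C2 5DB8D822:01BB 01 00000000:00000000 00:00000000 00000000  1000        0 67890 1 0000000000000000 20 4 30 10 -1
"""

# Constructed inode -> executable map; on a real host this is built by walking
# /proc/<pid>/fd for "socket:[inode]" links and reading /proc/<pid>/exe.
INODE_TO_EXE = {12345: "/usr/bin/python3", 67890: "/usr/bin/thunderbird"}


def parse_hex_addr(field):
    """'0A00020F:A8C2' -> ('15.2.0.10', 43202). /proc prints the IPv4 address
    as host-order hex, so on a little-endian host it must be unpacked '<I'."""
    ip_hex, port_hex = field.split(":")
    ip = ipaddress.IPv4Address(struct.unpack("<I", bytes.fromhex(ip_hex))[0])
    return str(ip), int(port_hex, 16)


def socket_inode(proc_net_tcp, local_ip, local_port):
    """Return the inode of the socket bound to local_ip:local_port, or None."""
    for line in proc_net_tcp.splitlines()[1:]:  # skip the header row
        cols = line.split()
        if len(cols) < 10:
            continue
        ip, port = parse_hex_addr(cols[1])
        if ip == local_ip and port == local_port:
            return int(cols[9])  # inode column
    return None


def verdict(proc_net_tcp, inode_to_exe, local_ip, local_port):
    """Default-deny: a packet with no resolvable, allowlisted owner is DROPped."""
    inode = socket_inode(proc_net_tcp, local_ip, local_port)
    exe = inode_to_exe.get(inode)
    return "ACCEPT" if exe in ALLOWED_EXES else "DROP"


if __name__ == "__main__":
    print(verdict(SAMPLE_PROC_NET_TCP, INODE_TO_EXE, "15.2.0.10", 43202))  # ACCEPT
    print(verdict(SAMPLE_PROC_NET_TCP, INODE_TO_EXE, "127.0.0.1", 8080))   # DROP
```

The inode lookup is racy by nature (the socket can close between the kernel punt and the /proc read), so the default-deny branch is what keeps that race safe.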