| |
| |
| |
|
Comments:
<0> hey guys, is there any way to block a user on iptables per uid?
<0> (outgoing)
<1> yeah
<1> look at the man page
<1> i forget the exact --arg however
<0> k
<0> me too heh
<1> you can block outgoing/incoming per the process' owner's UIID.
<0> --uid-owner userid
<0> =)
<0> thats what im tryin to do
<1> sounds good.
<1> heh
<0> hmm doesnt work
<0> iptables -A OUTPUT -p tcp --dport 6667 -m owner --gid-owner users -j
<0> iptables: No chain/target/match by that name
<2> do you have an ipt_owner module?
<0> no idea
<0> how would i find out?
<0> its a default install of debian if that helps
<2> l /lib/modules/`uname -r`/kernel/net/ipv4/netfilter/ipt_owner.ko
<2> ls /lib/modules/`uname -r`/kernel/net/ipv4/netfilter/ipt_owner.ko
<0> k
<0> nope
<0> in saying that, its in a VPS..
<2> what kernel?
<0> so theres no /lib/modules..
<0> Linux shell.darktech.org.uk 2.6.15-025stab014 #1 Wed Feb 1 13:41:48 GMT 2006 i686 GNU/Linux
<2> you don't have a modular kernel?
<0> it is
<0> but its in a vps
<0> so theres no modules on the vps
<0> only on the host system
<2> oh
<0> the vps shares the same kernel as host system
<2> they would have to have the module loaded on the host then, probably
<0> yeh, i own the host system as well
<0> there is no owner module at all
<0> do i just recompile kernel?
<0> (with adding it in)
<2> look for CONFIG_IP_NF_MATCH_OWNER
<0> k
<0> ty
<2> yw
<0> cant really be bothered with rebuilding kernel though, so ill probably just leave it
<3> trappist: Ping?
<4> hey guys, i'm totally lost in this nat thing (yes read the title mentioned page).. can someone help me with setting up nat between two interfaces on my machine? i want all machines on a particular interface to use internet thru my wifi interface
<4> i'm using my ethernet for default internet on the computer itself
<4> can someone please help me set this up?
<5> good morning
<6> hello to everyone
<6> thanks to all the guys that tried to help me the other day
<6> i figured it all out and now it all works well
<6> thanks again for your time and effort
<7> hello there
<7> how are things
<8> hi all
<8> could anyone help me, please.
<8> i wanna do the following
<8> I have i real domain called mycompany.com..... In domain registar , it is redirecting it to 1 real IP.. 200.xxx.xxx.137 .my dns server is hosted on this real ip... The A record for primary Dns is server.mycompany.com . This same dns server has its internal ip as 172.16.10.1...... I would like to redirect a CNAME record sip.mycompany.com to 172.16.10.2 , all ports... not just one
<8> my big problem is... i only have 1 real IP... and i wouldn't like to buy another one
<8> does anyone know how to make this possible ?
<2> it's impossible, sadly
<2> the packets contain no record of what domain name was used to get their IP
<8> so... i'll have to buy another ip ?
<2> probably
Return to
#iptables
or
Go to some related
logs:
ubuntu command check java version
FATAL ERROR: Bad logical partition 6: enlarged logical partitions overlap
ubuntu samba write access denied
gentoo uname wrong
#math
asus p38-p
USE_SYNC_TX_QUEUE
#mysql
additional emblems gnome
songbird ubuntu repos deb
|
|