linux kernel

Warren Togami warren at togami.com
Tue Apr 24 19:51:31 PDT 2001


This may be helpful.
Article: Dynamic iptables firewalls
http://www-106.ibm.com/developerworks/linux/library/l-fw/index.html
Many useful IPTables ideas, including "user-outblock" which may be helpful
to what you are looking for.

----- Original Message -----
From: "Robert Buecker" <rbuecker at darkscape.net>
To: "Linux & Unix Advocates & Users" <luau at list.luau.hi.net>
Cc: <j.saettem at uniqes.com>; <laram at monet.no>; <andy at cdc.net>
Sent: Tuesday, April 24, 2001 12:29 PM
Subject: [luau] linux kernel


> Ok, here's a concept I have, and I'm sure it's not anything new. If anyone
> has information that can lead to successful implementation I'll be very
> appreciative.
>
> Basically, the problem is allowing users shell access to a linux system,
> without allowing them to start any outbound tcp/ip connections that aren't
> listed in /etc/ports.allow (21 ncftp, 80 lynx, 110 pop3). However, there
> should be a list similar to /etc/users.allow which allows other users to
> initiate outbound connections on any port (be it telnet, irc, ftp, etc).
>
> Maybe I don't have everything completely thought out, but hopefully someone
> knows something already existing which could accomplish this (I'm sure it'll
> wind up as a kernel patch somewhere).
>
> Thanks for your help.
>
> Robert
>
>
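
An added example, not part of either message or of the linked article: a dry-run generator for the policy Robert describes, built on the iptables owner match (`-m owner --uid-owner`). The file formats for ports.allow and users.allow, the chain name `USEROUT` and the sample entries are assumptions made for this sketch.

```sh
#!/bin/sh
# Added example: prints iptables rules for a per-user outbound policy (dry run).
# Assumed formats: ports.allow = "PORT [label]" per line, users.allow = "USER" per line.
CHAIN=USEROUT   # hypothetical chain name

# First field of every non-blank line, with '#' comments stripped.
first_fields() {
    sed -e 's/#.*//' "$1" | awk 'NF { print $1 }'
}

gen_rules() {   # usage: gen_rules PORTS_FILE USERS_FILE
    echo "iptables -N $CHAIN"
    # Users in users.allow leave the chain before any port check.
    first_fields "$2" | while read -r u; do
        case $u in
            -*|*[!A-Za-z0-9_.-]*) echo "skipping bad user: $u" >&2; continue ;;
        esac
        echo "iptables -A $CHAIN -m owner --uid-owner $u -j RETURN"
    done
    # Everyone else may only connect to ports in ports.allow.
    first_fields "$1" | while read -r p; do
        case $p in
            *[!0-9]*) echo "skipping bad port: $p" >&2; continue ;;
        esac
        if [ "$p" -lt 1 ] || [ "$p" -gt 65535 ]; then
            echo "skipping bad port: $p" >&2; continue
        fi
        echo "iptables -A $CHAIN -p tcp --dport $p -j RETURN"
    done
    echo "iptables -A $CHAIN -p tcp -j REJECT --reject-with tcp-reset"
    # Hook the chain in last, and only for new TCP connections (SYN).
    echo "iptables -A OUTPUT -p tcp --syn -j $CHAIN"
}

# Constructed sample input, including one invalid entry per file.
demo() {
    d=$(mktemp -d) || return 1
    printf '21 ncftp\n80 lynx\n110 pop3\n99999 bogus\n' > "$d/ports.allow"
    printf '# unrestricted users\nroot\nrobert\nbad;name\n' > "$d/users.allow"
    gen_rules "$d/ports.allow" "$d/users.allow"
    rm -rf "$d"
}
demo
```

The rules cover only new outbound TCP connections, and any daemon that opens outbound connections to other ports needs its account in users.allow.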


