From 340d127c403989bbf3ccb82c852f69a626fb27b9 Mon Sep 17 00:00:00 2001
From: FreeArtMan
Date: Tue, 8 Mar 2016 21:11:16 +0000
Subject: [USING IPTABLES] added command to block by user ip

---
 md/writeup/using_iptables.md | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/md/writeup/using_iptables.md b/md/writeup/using_iptables.md
index 8b38488..7f915b5 100644
--- a/md/writeup/using_iptables.md
+++ b/md/writeup/using_iptables.md
@@ -228,6 +228,14 @@ Block ip to access specific port
 iptables -A INPUT -s 8.8.8.8 -p tcp --destination-port 25 -j DROP
 ```
 
+### Block UID
+
+There is possble to make iptables basing on user id
+
+```
+iptables -A OUTPUT -m owner --uid-owner {USERNAME} -j DROP
+```
+
 ### Loging
 
 Log droppend packages
@@ -259,4 +267,6 @@ the system admins could be not happy with this jokes ;].
 9. https://www.debuntu.org/how-to-redirecting-network-traffic-to-a-new-ip-using-iptables/
 10. http://www.cyberciti.biz/faq/how-to-save-restore-iptables-firewall-config-ubuntu/
 11. http://ipset.netfilter.org/iptables.man.html
-12. http://gr8idea.info/os/tutorials/security/iptables5.html
\ No newline at end of file
+12. http://gr8idea.info/os/tutorials/security/iptables5.html
+13. http://linuxpoison.blogspot.co.uk/2010/11/how-to-limit-network-access-by-user.html
+14. http://www.cyberciti.biz/tips/block-outgoing-network-access-for-a-single-user-from-my-server-using-iptables.html
\ No newline at end of file
-- 
cgit v1.2.3