Bjoern Meier wrote:
> 2009/10/21 Pascal Hambourg <[email protected]>
>
>>> If I set:
>>> -A OUTPUT -d <IP> -m owner --uid-owner <username> -j ACCEPT
>>>
>>> It fails and my logging shows, that the Rule will be ignored and goes to
>>> the deny rule (last rule).
>> How does it fail? What is the error message?
>>
> oh sry, there is no error.
> Iptables seems to accept this rule. I can see it with iptables -S, but it
> seems to be ignored.

Are you sure that the UID is correct? What kind of traffic are you trying to match? Keep in mind that --uid-owner matches the effective UID, so packets sent by special programs with the SUID bit set such as ping, traceroute... have the UID of the owner of the program (usually root).

> I don't know how I can see the owner. Is there a switch
> on - maybe - tcpdump? I don't know.
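
The SUID point from the reply above, as an added example that is not part of the original thread: one helper predicts which UID an effective-UID owner match sees for a given program, the other reads the UID back from kernel LOG lines. `rule_sees_uid` and `uids_in_log` are hypothetical helper names, the second assumes a LOG rule with iptables' `--log-uid` option placed before the deny rule, and the sample log lines are constructed.

```shell
#!/bin/sh
# Added example; helper names are hypothetical, not part of iptables.

# Print the UID an effective-UID owner match would see when a user with
# UID $2 runs the program at path $1: the file owner's UID if the SUID bit
# is set (as for the programs named in the reply), else the caller's UID.
rule_sees_uid() {
    prog=$1
    caller_uid=$2
    [ -e "$prog" ] || { echo "no such file: $prog" >&2; return 1; }
    if [ -u "$prog" ]; then
        # ls -n prints the numeric owner UID in field 3; -L follows symlinks
        ls -Ldn -- "$prog" | awk '{print $3}'
    else
        echo "$caller_uid"
    fi
}

# Read kernel LOG lines on stdin and print "destination uid" per line,
# with "-" where a field is absent. Assumes a rule such as
#   iptables -A OUTPUT -d <IP> -j LOG --log-prefix "OUT-DENY " --log-uid
uids_in_log() {
    awk '{
        dst = "-"; uid = "-"
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^DST=/) dst = substr($i, 5)
            if ($i ~ /^UID=/) uid = substr($i, 5)
        }
        print dst, uid
    }'
}

# Which UID would the rule see for these programs, run by the current user?
for name in ping traceroute ssh; do
    path=$(command -v "$name" 2>/dev/null) || continue
    echo "$name: rule sees UID $(rule_sees_uid "$path" "$(id -u)")"
done

# Constructed sample LOG lines (not captured output).
uids_in_log <<'EOF'
kernel: OUT-DENY IN= OUT=eth0 SRC=192.0.2.10 DST=198.51.100.7 LEN=84 PROTO=ICMP TYPE=8 CODE=0 ID=4321 SEQ=1 UID=0 GID=0
kernel: OUT-DENY IN= OUT=eth0 SRC=192.0.2.10 DST=198.51.100.7 LEN=60 PROTO=TCP SPT=40000 DPT=443 UID=1000 GID=1000
EOF
```

If the logged UID differs from the one named in the `--uid-owner` rule, the ACCEPT rule cannot match that traffic and it falls through to the deny rule.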

