В Вск, 11/11/2007 в 10:54 +0300, Mikhail A Antonov пишет: > On 10 ноября 2007, Tiurin Alexandr wrote: > > Доброго времени суток. > > Комп подключен к провайдеру по 2м тарифам. Т.е. имеется 2 из из одной > > сети, каждый ип для одного тарифного плана соответственно. Оба ипа висят > > на одной сетевой карте. > > Необходимо, что бы конкретные программы выходили в сеть с определенных > > ипов. > 1 - можно через vserver или openvz разделить IP > 2 - как уже писал Артем, по портам расписать правила iptables
# man iptables ... owner This module attempts to match various characteristics of the packet creator, for locally-generated packets. It is only valid in the OUTPUT chain, and even this some packets (such as ICMP ping responses) may have no owner, and hence never match. --uid-owner userid Matches if the packet was created by a process with the given effective user id. --gid-owner groupid Matches if the packet was created by a process with the given effective group id. --pid-owner processid Matches if the packet was created by a process with the given process id. (Please note: This option requires kernel support that might not be available in official Linux kernel sources or Debian's packaged Linux kernel sources. And if support for this option is available for the specific Linux kernel source version, that support might not be enabled in the current Linux kernel binary.) --sid-owner sessionid Matches if the packet was created by a process in the given session group. (Please note: This option requires kernel support that might not be available in official Linux kernel sources or Debian's packaged Linux kernel sources. And if support for this option is available for the specific Linux kernel source version, that support might not be enabled in the current Linux kernel binary.) --cmd-owner name Matches if the packet was created by a process with the given command name. (Please note: This option requires kernel support that might not be available in official Linux kernel sources or Debian's packaged Linux kernel sources. And if support for this option is available for the specific Linux kernel source version, that support might not be enabled in the current Linux kernel binary.) NOTE: pid, sid and command matching are broken on SMP ... -- Покотиленко Костик <[EMAIL PROTECTED]> -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]