Good time of the day.
Whats' wrong w/ my set up (I want to allow output traffic for the users that are in the allowed group only): iptables -I OUTPUT 1 -m owner ! --gid-owner allowed -j DROP but what I get is that all the users including those in the allowed group are blocked. If I write accepting rule for every user, like: iptables -I OUTPUT 1 -m owner --uid-owner allowed-user1 -j ACCEPT it works for them, but I prefer to significantly reduce the load by simple rejection: drop if not in the list/group of allowed. Thanks for Your time. -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
