Dear atar, atar wrote: > Just wanted to know please if there's a way to block a specific program > from accessing the Internet while preserving at the same time the ability > of other programs to access the Internet, and if there's a way, so how?
AppArmor and SELinux likely have such features, however, they may be difficult to configure. If it is just a single program, the simplest way is probably to run it only as a special user and then use iptables’ --uid-owner option in the owner extension to block outgoing traffic from this user. Remember to also block IPv6 traffic using ip6tables if you have a working IPv6 connection. Best, Claudius -- Please don’t CC me. -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
