чт, 20 авг. 2020 г. в 15:46, Victor Ivanov <vic.m.iva...@gmail.com>: > > On 14/08/2020 01:03, Alexey Mishustin wrote: > > groupadd noinet > > usermod -a -G noinet <your_user> > > iptables -A OUTPUT -i <some_interface> -m owner --gid-owner noinet -j DROP > > and calling not > > Plex > > but > > sg noinet Plex > > (or whatever name the binary has) > > This is a very elegant generic solution, thank you for sharing. I had > completely forgotten the fact that filtering can be done based on UID/GID.
This is not surprising, because "a lot of water has passed under the bridge" since this solution was popular: https://ubuntuforums.org/showthread.php?t=1188099&p=10626471#post10626471 (dated 2011) -- Best regards, Alex
