French, David wrote: > Thanks. I found ipfauth and I am looking at it now. I also found > userauth.c in the source samples directory. > > One last question, I don't see anything that may specify what process > and/or user a packet is associated with. Is this information any place > I could reference? If not, is there any chance it may be added at some > point? > > What I am trying to do here is setup an authentication daemon to > allow/deny outgoing connections based on the user who initiated the > packet. It will check a configuration file/db to see what protocols, > networks, etc a user can send packets to. >
That information isn't always available, so it isn't part of what IPFilter makes available or uses. However, because you're using a daemon to do this, there's no reason why the daemon can't use tricks similar to [p]identd or lsof to find the owner of the packet...so long as it is TCP/UDP. Darren
