On Sat, Jan 21, 2017 at 6:27 AM, Patrick PIGNOL <[email protected]> wrote: > Hi all, > > I disagree ! > > Many people in the world would like to allow an software A to go to internet > through OUTPUT TCP port 80 but disallow software B to go to the internet > through this same OUTPUT TCP port 80. Don't you know about viruses on linux > ? Viruses ALWAYS use HTTP/HTTPS ports to get payloads on internet and OUTPUT > TCP port 443 COULD NOT be CLOSED for ALL SOFTWARE if you want to access > internet services (via internet browsers for example).
The Linux audit subsystem simply logs system events, it does not enforce security policy. I suggest you investigate the different Linux firewall tools and LSMs, e.g. SELinux, as they should help you accomplish what you describe. -- paul moore www.paul-moore.com -- Linux-audit mailing list [email protected] https://www.redhat.com/mailman/listinfo/linux-audit
