On 10/31/05, Sukrit <[EMAIL PROTECTED]> wrote:
> I want to filter based on name of process i.e. I want to block all
> traffic and allow only traffic going from firefox to remote port 80.
>
> I know you make rules based on process id - can I make sure a process
> always runs with a particular process id.

iptables does not allow filtering based on the application that created the tcp/ip packet. And with good reason. There is absolutely no reason why the name of the application should be embedded in all tcp/ip packets. Furthermore, the http spoken by firefox should be transparent from that spoken by, say, opera.

IMO, draconian restrictions like this are not very productive in the longer run. If you really want to be the dictator, maybe what you can do is not install other applications for your users in the first place.

Thaths
--
"Facts are meaningless. You could use facts to prove anything that's even remotely true!" -- Homer J. Simpson

_______________________________________________
linux-india-help mailing list
linux-india-help@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-india-help
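
Added example, not part of the original thread: iptables has no match on the program name, but on the OUTPUT chain its `owner` match can test the UID of the local socket that created a packet, so running the browser under a dedicated account comes close to what the question asks for. The function name `emit_egress_rules`, the UID 1001 and the DNS rule are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Prints an iptables-restore ruleset
# that drops everything except new TCP connections to one port made by one
# local UID. Assumption: the browser runs under a dedicated account whose
# numeric UID (from `id -u <account>`) is passed in. The match is on the
# socket owner's UID, never on the program name, and covers IPv4 only
# (ip6tables needs its own ruleset).

emit_egress_rules() {
    uid=$1
    port=${2:-80}
    # Accept only plain decimal input so nothing else reaches the ruleset.
    case $uid in
        ''|*[!0-9]*) echo "uid must be numeric" >&2; return 2 ;;
    esac
    # Reject empty, leading-zero, non-numeric and over-long port values.
    case $port in
        ''|0*|*[!0-9]*|??????*) echo "invalid port" >&2; return 2 ;;
    esac
    if [ "$port" -gt 65535 ]; then
        echo "port out of range" >&2; return 2
    fi
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT -p tcp --dport $port -m owner --uid-owner $uid -m conntrack --ctstate NEW -j ACCEPT
-A OUTPUT -p udp --dport 53 -m owner --uid-owner $uid -j ACCEPT
COMMIT
EOF
}

# Stand-alone use: BROWSER_UID=1001 sh rules.sh | iptables-restore --test
if [ -n "${BROWSER_UID:-}" ]; then
    emit_egress_rules "$BROWSER_UID" "${BROWSER_PORT:-80}"
fi
```

The DNS rule assumes the browser process resolves names itself; with a local caching resolver the lookups come from a different UID and need their own rule. Any other program started under the same account gets the same access, which is the limit of UID-based matching.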