I know I'm linking to an old thread (http://lists.pdxlinux.org/pipermail/plug/2014-January/079167.html). I may have read enough and thought enough in the mean time to ask "intelligent" questions ;)
Russell Senior wrote: >>>>>> "Richard" == Richard Owlett <rowl...@cloud85.net> writes: > > Richard> What I want should be simple, block *EVERYTHING* except > Richard> email, newsgroup, and browsing with SeaMonkey or it's Debian > Richard> blessed counterpart. There will be occasional downloads fro > Richard> Debian repositories. > > Firewalls can't (generally) tell what application you are using. All > they really see is your network source/destination addresses and ports > and such. > > Is the usb modem connected directly to your laptop? > > What is the name of the interface when you are connected? Maybe ppp0 > or usbnet0 or something? I haven't dealt with dialup in a while ;-). > > Also, just to be clear, are you trying to block connections your > laptop is making to the world? Or just connections coming from the > world to your laptop? > > I have two use cases: At home dialup via USB modem (can find interface name later) At local library via WiFi hotspot (network name known) (Physically never have an Ethernet connection) I understand that I can block *ALL* unsolicited incoming connections with iptables. Under Windows apps such as Comodo can label an app as "trusted". I know that isn't simple with Linux. I understand that the first pass would be to set User/Group permissions so only specific users (e.g. UserAlpha) can access the internet. However can I set permissions such that UserAlpha has to use a specific browser. For example I'll have two browsers on my machine: BrowserA is known safe. BrowserB is experimental and has some feature convenient for local files. Everyone *EXCEPT* UserA should have access to BrowserB. Clear? TIA _______________________________________________ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug