>>> I'd like to block port 80 and 443 traffic to a certain system on my >>> network if the domain isn't one of the two approved domains and the >>> user isn't root. Does anyone know how to do this in shorewall? I'm >>> told it is done along these lines, but I've never used iptables >>> directly: >>> >>> iptables -A OUTPUT -m owner --uid-owner someuser -m tcp --dport http -j >>> REJECT >> >> You are mis-informed. > > What you are asking isn't possible to accomplish with a packet filter.
Is there any way to limit a system's website access to two domains with shorewall? I wanted to allow http access to root for downloading new packages via Portage, but it sounds like I won't be able to do that. - Grant ------------------------------------------------------------------------------ This SF.net email is sponsored by: SourcForge Community SourceForge wants to tell your story. http://p.sf.net/sfu/sf-spreadtheword _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
