info
Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Is it possible to ipfilter based on $USER name and/or process name?
5 views
Skip to first unread message
Jim Klimov
Apr 22, 2012, 5:30:06 AM4/22/12
to
Hello,
I was asked if it is possible for ipfilter in general
and on (Open)Solaris/illumos in particular to go beyond
filters based on packets' networking attributes, and
involve filtering based on (local) OS attributes - UID,
GID, PID/PNAME and so on, like Linux and Windows filters
do.
Sample rule and usecase might be: nobody can access HTTP
into the internet from this box except root and repo-sync
user.
Is it possible now or implementable "with little blood"? :)
Thanks,
//Jim
I was asked if it is possible for ipfilter in general
and on (Open)Solaris/illumos in particular to go beyond
filters based on packets' networking attributes, and
involve filtering based on (local) OS attributes - UID,
GID, PID/PNAME and so on, like Linux and Windows filters
do.
Sample rule and usecase might be: nobody can access HTTP
into the internet from this box except root and repo-sync
user.
Is it possible now or implementable "with little blood"? :)
Thanks,
//Jim
0 new messages