iptables: blocking network access for certain UIDs gives error.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

hi. i've never posted/reg here before but have lurked for quite awhile.

i need to block internet access for a couple UIDs. found and a bit of an older thread on this site [url=http://fcp.homelinux.org/modules/newbb/viewtopic.php?topic_id=23058]here[/url]. this is basically what i want to do too but i'm using FC4 and the original post refers to FC3 - not sure if that has anything to do with it. so i'm executing: 

[b] iptables -D OUTPUT -m owner --uid-owner 502 --jump DROP[/b]
but i keep getting: [b]"Bad rule (does a matching rule exist in that chain?)" [/b]

here is the output of [font=Verdana]iptables --list[/font]:

> Chain FORWARD (policy ACCEPT)
> target     prot opt source               destination
> RH-Firewall-1-INPUT  all  --  anywhere             anywhere
> 
> Chain INPUT (policy ACCEPT)
> target     prot opt source               destination
> RH-Firewall-1-INPUT  all  --  anywhere             anywhere
> 
> Chain OUTPUT (policy ACCEPT)
> target     prot opt source               destination
> 
> Chain RH-Firewall-1-INPUT (2 references)
> target     prot opt source               destination
> ACCEPT     all  --  anywhere             anywhere
> ACCEPT     icmp --  anywhere             anywhere            icmp any
> ACCEPT     ipv6-crypt--  anywhere             anywhere
> ACCEPT     ipv6-auth--  anywhere             anywhere
> ACCEPT     udp  --  anywhere             224.0.0.251         udp dpt:5353
> ACCEPT     udp  --  anywhere             anywhere            udp dpt:ipp
> ACCEPT     all  --  anywhere             anywhere            state
> RELATED,ESTABLISHED
> REJECT     all  --  anywhere             anywhere            reject-with
> icmp-host-prohibited


i checked in [b]ntsysv[/b] and iptables is selected to run at startup. just for the heck of it, i ran [b]iptables--save[/b]. the command does update my [b]/etc/sysconfig/iptables[/b] file stating current date and time for last modified but adds nothing to the file. i have not modified iptables.config in any way. do either/or NetworkManager or NetworkManagerDisbatcher services need to be running for this?

i'm sure lots of people are already doing this. any help would be greatly appreciated!!!



-- 
This is an email sent via the webforum on http://fcp.homelinux.org
http://fcp.homelinux.org/modules/newbb/viewtopic.php?post_id=100170&topic_id=23936&forum=23#forumpost100170

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux