Thilo, Did you ever receive an answer on this question? Also--a question of clarification.... Do you mean that only UID 1001 should be allowed to bind to 192.168.1.11 for outbound packets? If so, then, why not try this: iptables -I OUTPUT -o $OUTDEV -m owner ! --uid-owner 1001 -j DROP Is that what you wished to accomplish? -Martin : Hello, : : I have a machine with several ips. My goal is to only allow access to one ip : for a certain user. for example 192.168.1.11 may only be used by UID 1001 : : I have found in the man page for bind following errno numeric: : > EACCES The address is protected, and the user is not the super-user. : : Is it possible to restrict access to certain ips to certain uids? : : - Thilo Schulz : _______________________________________________ : LARTC mailing list / LARTC@xxxxxxxxxxxxxxx : http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ : -- Martin A. Brown --- SecurePipe, Inc. --- mabrown@xxxxxxxxxxxxxx
