RE: per user IP addresses

Hi John,

> I think you didn't understand my question,
> 
> Of course I can just set open that IP address, but I only want it to be
> open for my own user (so the other users CAN'T use the IP)
> 
> I think I need things like -m owner --owner-uid or something but I can't
> figure out a good rule, I get errors on everything I try :(

I don't think REJECT works in the OUTPUT chain, try DROP:

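	# Allow IRC only for user "john", and only from source address 1.2.3.4
	iptables -A OUTPUT -p tcp --dport 6667 -m owner --uid-owner john \
		-s 1.2.3.4 -j ACCEPT
	# Drop every other outbound IRC connection
	iptables -A OUTPUT -p tcp --dport 6667 -j DROP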

where "john" is the user ID who is allowed to use IRC on IP address 
1.2.3.4 only.

Cheers, Chris.
-- 
   ___ __     _
 / __// / ,__(_)_  | Chris Wilson -- UNIX Firewall Lead Developer |
/ (_ / ,\/ _/ /_ \ | NetServers.co.uk http://www.netservers.co.uk |
\ _//_/_/_//_/___/ | 21 Signet Court, Cambridge, UK. 01223 576516 |
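
Added example, not part of the original message: a shell function that generalizes the two rules above to several user-to-address pairs and prints the commands instead of applying them, validating each pair first so nothing malformed reaches a rule. The chain name IRC_OWNER, the function names, and the second user and address are assumptions made for illustration.

```shell
#!/bin/sh
# Print (do not apply) iptables commands that tie each local user to one
# source address for outbound IRC. Arguments are "user:ipv4" pairs.
IRC_PORT=6667
CHAIN=IRC_OWNER   # hypothetical chain name

valid_user() {
    case "$1" in
        ""|-*|*[!A-Za-z0-9_-]*) return 1 ;;
    esac
}

valid_ipv4() {
    case "$1" in
        ""|.*|*.|*..*|*[!0-9.]*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                      # split the dotted quad into octets
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

emit_rules() {
    # Validate every pair before printing anything, so output is all-or-nothing.
    for pair in "$@"; do
        user=${pair%%:*}; ip=${pair#*:}
        valid_user "$user" && valid_ipv4 "$ip" || {
            echo "rejecting malformed entry: $pair" >&2; return 1; }
    done
    echo "iptables -N $CHAIN"
    echo "iptables -A OUTPUT -p tcp --dport $IRC_PORT -j $CHAIN"
    for pair in "$@"; do
        echo "iptables -A $CHAIN -m owner --uid-owner ${pair%%:*} -s ${pair#*:} -j ACCEPT"
    done
    # Anything that matched no owner/source pair falls through to DROP.
    echo "iptables -A $CHAIN -j DROP"
}

# Constructed sample input: "alice" and 1.2.3.5 are not from the thread.
emit_rules john:1.2.3.4 alice:1.2.3.5
```

The owner match only sees locally generated packets, so these rules belong in OUTPUT (or a chain called from it), as in the message above.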


