On Thu, 2005-01-20 at 16:16, abcabc@xxxxxxx wrote:
> How can I block a range of uid's in 1 rule ?
>
> I tried this, but that gave an error.
> iptables -A OUTPUT -p tcp --match owner --uid-owner 1000:2000 -j DROP
>
> Is it at all possible?

that's not how the owner match works. it only matches a single uid.
dunno how hard it would be to hack the source to support the range
operator, as i know zip about C/C++.

-j

--
"Facts are meaningless. You could use facts to prove anything that's
even remotely true!"
	--The Simpsons
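
Added example, not part of the original message and not code from the iptables project: under the single-uid constraint described in the reply, a range can be expanded into one owner rule per uid inside a dedicated chain, with a single jump from OUTPUT. The function name uid_range_rules, the chain name UID_BLOCK and the 5000-uid cap are assumptions made for this sketch; it only prints the commands so they can be reviewed before being run as root.

```shell
#!/bin/sh
# Expand a uid range into one "--uid-owner" rule per uid.
# Prints iptables commands instead of executing them (review, then pipe to sh).
# UID_BLOCK and the 5000-uid cap are assumptions of this example.

uid_range_rules() {
    start=$1
    end=$2
    chain=${3:-UID_BLOCK}

    # Only plain decimal uids without leading zeros; nothing else may reach a rule.
    for v in "$start" "$end"; do
        case $v in
            ''|*[!0-9]*|0?*) echo "uid must be a decimal number: '$v'" >&2; return 2 ;;
        esac
    done

    # Chain names are restricted to a conservative character set.
    case $chain in
        ''|*[!A-Za-z0-9_]*) echo "bad chain name: '$chain'" >&2; return 2 ;;
    esac

    [ "$start" -le "$end" ] || { echo "start uid is above end uid" >&2; return 2; }
    [ $((end - start)) -lt 5000 ] || { echo "range too large" >&2; return 2; }

    # Dedicated chain: the per-uid rules stay out of OUTPUT itself and can be
    # flushed or replaced as one unit.
    echo "iptables -N $chain"

    uid=$start
    while [ "$uid" -le "$end" ]; do
        # The owner match takes exactly one uid per rule.
        echo "iptables -A $chain -m owner --uid-owner $uid -j DROP"
        uid=$((uid + 1))
    done

    # One jump from OUTPUT; the protocol test from the original rule is done
    # here once instead of in every per-uid rule.
    echo "iptables -A OUTPUT -p tcp -j $chain"
}

# Small demonstration range; the range from the question would be
# "uid_range_rules 1000 2000".
uid_range_rules 1000 1002
```

Packets from uids outside the range fall off the end of the chain and return to OUTPUT, so later rules still apply to them.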