Robert Vangel wrote: Make it `--uid-owner ! root' instead of `! --uid-owner root'
iptables -I OUTPUT -p tcp --dport 22 -m owner ! --uid-owner root -j REJECT is working fine, i.e. it's blocking ssh from non-root users. What I want is to log the username (uid) trying to do ssh. Any comments?
Please don't CC me. Thanks.
Sorry, I misread the question :\.
From my experience with -m owner/group (extremely limited, I must admit) I don't think it's possible. The messages in /var/log/messages don't seem to have any uid information, and afaik there isn't any sort of variable that iptables has to do this sort of thing.
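Added example, not part of the original thread: the iptables LOG target has a --log-uid option that records the UID of the process that generated the packet, so a LOG rule placed ahead of the REJECT rule captures who attempted the connection. The log prefix, the function names and the sample log lines below are constructed for illustration.

```sh
#!/bin/sh
# Assumed rule, inserted ahead of the thread's REJECT rule (run as root):
#   iptables -I OUTPUT -p tcp --dport 22 -m owner ! --uid-owner root \
#            -j LOG --log-prefix "SSH-NONROOT: " --log-uid
LOG_PREFIX="SSH-NONROOT: "   # constructed prefix; must match --log-prefix above

# Constructed kernel log lines in the layout the LOG target writes.
# The last two must be ignored: a different prefix, and an unrelated message.
sample_log() {
cat <<'EOF'
Jan 12 10:15:01 gw kernel: SSH-NONROOT: IN= OUT=eth0 SRC=192.0.2.10 DST=198.51.100.7 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=4242 DF PROTO=TCP SPT=51514 DPT=22 WINDOW=64240 RES=0x00 SYN URGP=0 UID=1000 GID=1000
Jan 12 10:15:09 gw kernel: SSH-NONROOT: IN= OUT=eth0 SRC=192.0.2.10 DST=198.51.100.7 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=4243 DF PROTO=TCP SPT=51516 DPT=22 WINDOW=64240 RES=0x00 SYN URGP=0 UID=1000 GID=1000
Jan 12 10:17:30 gw kernel: SSH-NONROOT: IN= OUT=eth0 SRC=192.0.2.10 DST=198.51.100.9 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=977 DF PROTO=TCP SPT=40022 DPT=22 WINDOW=64240 RES=0x00 SYN URGP=0 UID=1001 GID=100
Jan 12 10:18:02 gw kernel: OTHER-RULE: IN= OUT=eth0 SRC=192.0.2.10 DST=198.51.100.9 LEN=60 PROTO=TCP SPT=40100 DPT=25 SYN URGP=0 UID=0 GID=0
Jan 12 10:18:05 gw kernel: eth0: link up
EOF
}

# Read log lines on stdin; print "uid count" for every line carrying our prefix.
ssh_uid_report() {
    awk -v prefix="$LOG_PREFIX" '
        index($0, prefix) {
            for (i = 1; i <= NF; i++)
                if ($i ~ /^UID=[0-9]+$/) count[substr($i, 5)]++
        }
        END { for (u in count) print u, count[u] }
    ' | sort -n
}

# Same report with the UID resolved to a username where the system knows it.
ssh_user_report() {
    ssh_uid_report | while read -r uid n; do
        name=$(getent passwd "$uid" 2>/dev/null | cut -d: -f1)
        echo "${name:-uid-$uid} (uid $uid): $n rejected ssh attempt(s)"
    done
}

sample_log | ssh_user_report
```

On a live system, feed the kernel log to the same function, for example `ssh_user_report < /var/log/messages`.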