Robert Vangel wrote:
> Binish A R wrote:
>> Robert Vangel wrote:
>>> Make it `--uid-owner ! root' instead of `! --uid-owner root'
>>
>> iptables -I OUTPUT -p tcp --dport 22 -m owner ! --uid-owner root -j REJECT
>> is working fine, i.e. it's blocking ssh from non-root users.
>> What I want is to log the username (uid) trying to do ssh.
>> Any comments?
>> Please don't CC me. Thanks.
>
> Sorry, I misread the question :\.
> From my experience with -m owner/group (extremely limited I must
> admit) I don't think it's possible. The messages in /var/log/messages
> don't seem to have any uid information, and afaik there isn't any sort
> of variables that iptables has in to do this sort of thing.
> I apologize for the CC.

Is there any way I can use environment variables while logging?
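
An added example, not part of the original thread: the iptables LOG target has a `--log-uid` option that appends the UID of the local process that generated the packet to the kernel log line, so a LOG rule placed ahead of the REJECT rule records who attempted the connection. The `SSH-NONROOT: ` prefix, the function names and the sample log lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# LOG is a non-terminating target: the packet continues to the next rule,
# so the LOG rule must sit ahead of the REJECT rule from the thread.
install_rules() {   # needs root; defined here but not called
    iptables -I OUTPUT 1 -p tcp --dport 22 -m owner ! --uid-owner root \
        -j LOG --log-prefix "SSH-NONROOT: " --log-uid
    iptables -I OUTPUT 2 -p tcp --dport 22 -m owner ! --uid-owner root \
        -j REJECT
}

# Read kernel log lines on stdin and print "uid username destination"
# for each line carrying our prefix. Older kernels append only UID=,
# newer ones append UID= and GID=; the pattern handles both.
summarize_attempts() {
    grep 'SSH-NONROOT: ' | while IFS= read -r line; do
        uid=$(printf '%s\n' "$line" | sed -n 's/.* UID=\([0-9][0-9]*\).*/\1/p')
        dst=$(printf '%s\n' "$line" | sed -n 's/.* DST=\([^ ]*\).*/\1/p')
        [ -n "$uid" ] || continue
        # Resolve the UID to a name; falls back to "unknown" if no entry.
        name=$(getent passwd "$uid" 2>/dev/null | cut -d: -f1)
        printf '%s %s %s\n' "$uid" "${name:-unknown}" "$dst"
    done
}

# Constructed sample lines in the format the LOG target writes.
SAMPLE_LOG='Jan 10 12:00:01 host kernel: SSH-NONROOT: IN= OUT=eth0 SRC=192.0.2.10 DST=198.51.100.7 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=4242 DF PROTO=TCP SPT=51514 DPT=22 WINDOW=29200 RES=0x00 SYN URGP=0 UID=1000 GID=1000
Jan 10 12:00:05 host kernel: unrelated message UID=7
Jan 10 12:00:09 host kernel: SSH-NONROOT: IN= OUT=eth0 SRC=192.0.2.10 DST=198.51.100.9 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=4243 DF PROTO=TCP SPT=51520 DPT=22 WINDOW=29200 RES=0x00 SYN URGP=0 UID=1001'

printf '%s\n' "$SAMPLE_LOG" | summarize_attempts
```

On a live system the same function can be fed from wherever kernel messages land, for example `summarize_attempts < /var/log/messages`.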