Hi,

I've got a problem which I can't solve with the help of Linux. The problem is this: there's a server with many shell accounts, and I have to check what incoming/outgoing traffic these users generate.

No problem with outgoing traffic:

    iptables -D OUTPUT -m owner --uid-owner 500 -p all -j ACCEPT

but it's said in man iptables:

    owner
    This module attempts to match various characteristics of the packet creator, for locally-generated packets. It is only valid in the OUTPUT chain, and even this some packets (such as ICMP ping responses) may have no owner, and hence never match.

It means that I can't use the owner module for the INPUT chain.

I've also found a patch:

http://svn.netfilter.org/cgi-bin/viewcvs.cgi/branches/patch-o-matic-ng/linux-2.6.11/owner-socketlookup/

but I can't make it work on Linux kernel 2.6.20+, as there's a difference in tcp.h, udp.h, etc., or something else that I don't know.

Using FreeBSD, such a problem is solved as follows:

    # ipfw add ip from any to me in uid 500
    # ipfw add ip from me to any out uid 500

Can I do something similar on Linux?

--
BRGDS. Ernest Davnis.
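
Added example, not part of the original post: for the outgoing side that the owner match does cover, this reads the per-rule counters from `iptables-save -c` output and totals packets and bytes per UID. The sample text and its counter values are constructed, and the function name `per_uid_output` is hypothetical; it covers the OUTPUT chain only, in line with the man page limitation quoted above.

```python
import re
from collections import defaultdict

# Constructed sample of `iptables-save -c` output; counter values are made up.
SAMPLE = """\
*filter
:INPUT ACCEPT [900:120000]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [700:98000]
[5:300] -A OUTPUT -p tcp -m owner --uid-owner 500 -m tcp --dport 25 -j ACCEPT
[120:45678] -A OUTPUT -m owner --uid-owner 500 -j ACCEPT
[30:2048] -A OUTPUT -m owner --uid-owner 501 -j ACCEPT
[7:700] -A OUTPUT -m owner ! --uid-owner 0 -j ACCEPT
[10:640] -A INPUT -p icmp -j ACCEPT
COMMIT
"""

# "[packets:bytes] -A CHAIN rule-spec" is how iptables-save -c prints a rule.
RULE = re.compile(r"^\[(\d+):(\d+)\]\s+-A\s+(\S+)\s+(.*)$")
# Capture an optional "!" so negated matches can be told apart.
UID = re.compile(r"(!\s+)?--uid-owner\s+(\S+)")


def per_uid_output(save_text):
    """Return {uid: (packets, bytes)} summed over OUTPUT rules using --uid-owner.

    Summing is only meaningful when the accounting rules are terminating
    (ACCEPT, as in the post), so each packet is counted by at most one rule.
    """
    totals = defaultdict(lambda: [0, 0])
    for line in save_text.splitlines():
        rule = RULE.match(line.strip())
        if not rule:
            continue  # table header, chain policy line, or COMMIT
        packets, nbytes, chain, spec = rule.groups()
        if chain != "OUTPUT":
            continue  # the owner match is only valid in OUTPUT
        owner = UID.search(spec)
        if not owner or owner.group(1):
            continue  # no owner match, or "! --uid-owner" (not one user's traffic)
        uid = owner.group(2)
        totals[uid][0] += int(packets)
        totals[uid][1] += int(nbytes)
    return {uid: (p, b) for uid, (p, b) in totals.items()}


if __name__ == "__main__":
    for uid, (p, b) in sorted(per_uid_output(SAMPLE).items()):
        print(f"uid {uid}: {p} packets, {b} bytes out")
```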