I think docker or lxc may help you. You run the process(es) in a container and attach a tap interface to the container, the process inside the container can only see the attached interface.
Regards,2017-04-18 4:28 GMT-03:00 Lev Olshvang <levonshe@xxxxxxxxxx>:
Hi all,I would like to constrain process (by name) or group of process to specific network interface and to specific port.Please advice if there is some cgroups controller or netfilter module?ThanX, Lev
_______________________________________________
Kernelnewbies mailing list
Kernelnewbies@kernelnewbies.org
https://lists.kernelnewbies.org/mailman/listinfo/ kernelnewbies
--
“If you're going to try, go all the way. Otherwise, don't even start. ..."
Charles Bukowski
Charles Bukowski
_______________________________________________ Kernelnewbies mailing list Kernelnewbies@xxxxxxxxxxxxxxxxx https://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
