[ SlackList ] [ WkikiSlack ]



Re: Ograniczenie ssh wychodzacego

From: Dariusz 'Officerrr' K. <sad_admin@poligon.com.pl>
Date: Thu May 01 2003 - 14:20:41 CEST
[slacklist] Re: Ograniczenie ssh wychodzacego

Witam,

Thursday, May 1, 2003, 1:50:48 PM, = napisales/as:

K> Tak wiem ze mozna to zrobic iptables ale po to = sie pytam na grupie zebym nie
K> musial manuala przekopywac !!! Po jaka cholere = mialbym wysylac tego posta
K> gdybym nie oczykiwal jakiegos gotowego = rozwiazania?? Jak zakaze ruchu na
K> port 22 to lipa bedzie, bo to mi nie = wyeliminuje ssh calkowicie. Moze
K> przeciez byc na innym porcie. To sie jakos z = host.deny i allow podajrze
K> robilo, tylko z tego co mi wiadomo to dotyczy = polaczen przychodzacych :(

Tam nie ma co przekopywac, krotki jest.

z manuala:
[ciach]
 owner
       This module = attempts to match various characteristics of the packet creator, for = locally-generated packets.  It
       is only valid in = the OUTPUT chain, and even this some packets (such as ICMP ping = responses) may have no  owner,
       and hence never = match.

       --uid-owner = userid
          &nbs= p;   Matches if the packet was created by a process with the = given effective user id.

       --gid-owner = groupid
          &nbs= p;   Matches if the packet was created by a process with the = given effective group id.
[/ciach]



--
Pozdrawiam,
Dariusz 'Officerrr' Kolasinski
[Network Administrator] [gg: 516354] [uin: = 8304172]
"When I'm walking a dark road I am a man who = walks alone..."

Received on Sat Feb 21 03:35:23 2004
This archive was generated by hypermail 2.1.8. Wyprawa Shackleton 2014