How to block all the network traffic from one user? But other users are alive to the network that the blocked user is able to connect to other users who have the permission to the internet.

indian
    I have no idea what "other users are alive to the network that the blocked user is able to connect to other users who have the permission to the internet" means. Could you rephrase? – Chris Down Dec 21 '13 at 06:21

1 Answer

You can block all outgoing network traffic for one user using the iptables owner module:

iptables -A OUTPUT -m owner --uid-owner <username> -j DROP
ip6tables -A OUTPUT -m owner --uid-owner <username> -j DROP

Note that this will block on all interfaces. If you want to use a specific interface, use -o <interface>.

You could also consider setting up another machine as the gateway to the network, and then requiring users to authenticate to it.

Chris Down
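
An idempotent wrapper around the owner-match rules from the answer above, as an added example that is not part of the original answer: it resolves the user to a numeric UID, optionally restricts the rule to one interface with -o, and uses iptables -C so the rule is not appended twice. The function names, the DRY_RUN variable and the user and interface names in the usage comment are assumptions of this example.

```shell
#!/bin/sh
# Added example. Function names and DRY_RUN are assumptions of this sketch.

# Print the match/target part of the rule for one user, optionally one interface.
owner_drop_spec() {
    user=$1
    iface=${2:-}
    # Refuse empty names and anything that id(1) could read as an option.
    case $user in ''|-*) echo "bad user name" >&2; return 1 ;; esac
    # Resolve to a numeric UID so a typo fails here instead of inside iptables.
    uid=$(id -u "$user" 2>/dev/null) || { echo "unknown user: $user" >&2; return 1; }
    spec="-m owner --uid-owner $uid -j DROP"
    if [ -n "$iface" ]; then
        # The spec is word-split later, so allow only plain interface names.
        case $iface in *[!A-Za-z0-9_.:-]*) echo "bad interface" >&2; return 1 ;; esac
        spec="-o $iface $spec"
    fi
    printf '%s\n' "$spec"
}

# Append the rule for IPv4 and IPv6 unless it is already present.
# With DRY_RUN=1 the commands are printed instead of executed.
block_user() {
    spec=$(owner_drop_spec "$@") || return 1
    for ipt in iptables ip6tables; do
        if [ "${DRY_RUN:-0}" = 1 ]; then
            printf '%s -A OUTPUT %s\n' "$ipt" "$spec"
        elif ! "$ipt" -C OUTPUT $spec 2>/dev/null; then
            # -C found no identical rule, so -A will not create a duplicate.
            "$ipt" -A OUTPUT $spec
        fi
    done
}

# Usage (as root): block_user alice          # all interfaces
#                  block_user alice eth0     # only traffic leaving via eth0
```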