Thursday, October 15, 2015

Use iptables to block a user's Internet access

User to block: user1
Interface connected to the Internet: ppp0

1- Block outgoing connections
$ sudo iptables -A OUTPUT -o ppp0 -m owner --uid-owner user1 -j DROP

2- List the iptables rules
$ sudo iptables -L OUTPUT --line-numbers
Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination        
1    DROP       all  --  anywhere             anywhere             owner UID match user1

3- To let the user make outgoing connections again, remove the iptables rule we just created (rule number 1 in the listing above)
$ sudo iptables -D OUTPUT 1
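
Deleting by line number, as in step 3, removes whatever rule sits at that position when the command runs. The shell function below is an added example, not part of the original post: it adds and removes the same rule by specification, skips the add when the rule already exists, and also covers IPv6 with ip6tables, which goes beyond the IPv4-only steps above. `user_net` and `DRY_RUN` are hypothetical names; by default the function only prints the commands.

```shell
#!/bin/sh
# Added example, not from the original post.
# DRY_RUN is a hypothetical switch: 1 (default) only prints the rule changes,
# 0 applies them and must be run as root.
DRY_RUN="${DRY_RUN:-1}"

user_net() {  # usage: user_net block|unblock USER INTERFACE
    action=$1 user=$2 iface=$3
    case $action in
        block) flag=-A ;;
        unblock) flag=-D ;;
        *) echo "usage: user_net block|unblock USER INTERFACE" >&2; return 2 ;;
    esac
    # Accept plain names only, because the rule spec below is word-split.
    for name in "$user" "$iface"; do
        case $name in
            ''|-*|*[!A-Za-z0-9._-]*) echo "bad name: '$name'" >&2; return 2 ;;
        esac
    done
    # One rule spec shared by check, add and delete, so they always match.
    spec="OUTPUT -o $iface -m owner --uid-owner $user -j DROP"
    for tool in iptables ip6tables; do   # cover IPv4 and IPv6
        if [ "$DRY_RUN" = 1 ]; then
            echo "$tool $flag $spec"
        elif [ "$action" = block ]; then
            # -C exits 0 only if an identical rule is already present.
            $tool -C $spec 2>/dev/null || $tool -A $spec || return 1
        else
            # Delete by specification until no copy of the rule is left.
            while $tool -C $spec 2>/dev/null; do
                $tool -D $spec || return 1
            done
        fi
    done
}

# Constructed sample call using the post's user and interface.
user_net block user1 ppp0
```

The rule only matches traffic leaving through the named interface, so a user with another route out (a second interface, for example) needs a rule for that interface as well.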

