See the English answers > How to restrict internet access for a particular user on the lan using iptables in Linux (2 answers)
I want to create a new user (or group) so that any application run as that user cannot connect to the network.
@MichaelKjörling
I followed your suggestion (on Ubuntu 12.04 64-bit) and got some error messages:
$sudo iptables -A OUTPUT -m owner --uid-owner xyz ! -i lo -j REJECT --reject-with network-unreachable
iptables v1.4.12: unknown reject type "network-unreachable"
Try `iptables -h' or 'iptables --help' for more information.
$sudo iptables -A OUTPUT -m owner --uid-owner xyz ! -i lo -j REJECT
iptables v1.4.12: Can't use -i with OUTPUT
Try `iptables -h' or 'iptables --help' for more information.
$sudo iptables -A OUTPUT -m owner --uid-owner xyz ! -j REJECT
iptables v1.4.12: cannot have ! before -j
Try `iptables -h' or 'iptables --help' for more information.
Finally, the following one worked, but I'm not sure whether anything is wrong with it.
$sudo iptables -A OUTPUT -m owner --uid-owner xyz -j REJECT
$
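The three error messages above each point at a syntax detail of the owner-match rule. The script below is an added example, not part of the original post: it prints a per-user egress block that keeps the loopback exemption and covers IPv6 as well. The function names are hypothetical and `xyz` is the account name used in the question.

```shell
#!/bin/sh
# Added example: print (or apply) per-user egress block rules.
# Function names are hypothetical; "xyz" is the account from the question.

# Emit the rules for one account, one command per line.
user_block_rules() {
    user=$1
    # Accept only plain account names so the value cannot be read as an option.
    case $user in
        ''|-*|*[!A-Za-z0-9._-]*)
            echo "invalid user name: $user" >&2
            return 1 ;;
    esac
    # OUTPUT only has an outgoing interface, so loopback is exempted with
    # "! -o lo" (not -i); the "!" negates a match and cannot precede -j.
    # The IPv4 reject type is spelled icmp-net-unreachable.
    echo "iptables -A OUTPUT -m owner --uid-owner $user ! -o lo -j REJECT --reject-with icmp-net-unreachable"
    # iptables rules do not apply to IPv6 traffic; ip6tables needs its own rule.
    echo "ip6tables -A OUTPUT -m owner --uid-owner $user ! -o lo -j REJECT --reject-with icmp6-adm-prohibited"
}

# Run each emitted rule; needs root and an existing account.
apply_user_block() {
    rules=$(user_block_rules "$1") || return 1
    id -u "$1" >/dev/null 2>&1 || { echo "no such user: $1" >&2; return 1; }
    printf '%s\n' "$rules" | while read -r rule; do
        # Word splitting is intended: each line is one command with arguments.
        $rule || exit 1
    done
}

# Dry run by default: print the rules for the account given as $1.
if [ -n "${1:-}" ]; then
    user_block_rules "$1"
fi
```

Review the printed rules first, then call `apply_user_block xyz` as root; `iptables -S OUTPUT` and `ip6tables -S OUTPUT` list what was installed.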