Allow all traffic for a specific process
alex
nowhere at phobgate.de
Wed May 7 08:17:10 PDT 2003
run process under own user and/or group id, then use ipfw rule with uid
and/or gid option
ipfw manual says:
uid user
Match all TCP or UDP packets sent by or received for a
user. A user may be matched by name or identification
number.
gid group
Match all TCP or UDP packets sent by or received for a
group. A group may be matched by name or identification
number.
i've used this options for shell accounts to share bandwith between users
--On Dienstag, 6. Mai 2003 22:08 +0000 Daniela <dgw at liwest.at> wrote:
> Hi all!
>
> Does IPFW have a feature to pass all traffic destined for ports a
> specific process has opened?
> The process opens many rapidly changing dynamic ports, UDP and TCP, so
> the keep-state rules are useless most of the time.
>
> If this is not possible, would it be easy to implement?
> I'm still a newbie, but if it's not too hard, I think I can do it.
>
> Regards,
> Daniela
>
>
> _______________________________________________
> freebsd-ipfw at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
> To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe at freebsd.org"
More information about the freebsd-ipfw
mailing list