Linux - GeneralThis Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I am using Red Hat 9. I would like to create a user group on my computer that would have no access to the Internet. I would like all other user groups to continue to be able to access the Internet. How would I set this up?
i dont know how redhat configures firewalls but according to my iptables man page there is a module called owner which can match packets on uid, gid, and pid. which is what you want but it is labelled experimental so i cant guarantee it working.
assuming everythings set up in your kernel and your iptables supports this module then something along the lines of
iptables -A OUTPUT -m owner --gid-owner [insert group id] -j DROP
will drop all packets coming from programs running with that group id. but as i know nothing about redhat i cant give you anything more specific.
I honestly am not sure. I know that when the OS is booting up before the log in screen it mentions bringing up the eth0 and iptables firewall. However, I don't know what it does after one logs in.
hmm, well i don't know how redhat handles login's, but maybe you'll have to change that iptables rule to allow everyone to use address 127.0.0.1 , but I'm not sure...
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.