Date: Tue, 21 Aug 2001 21:15:30 -0500 (CDT) From: "c.s. (maneo) peron" <maneo@icmp.dhs.org> To: <freebsd-security@freebsd.org> Cc: <cristjc@earthlink.net> Subject: Re: inet socket restriction via group (fwd) Message-ID: <20010821211357.B23012-100000@icmp.dhs.org>
next in thread | raw e-mail | index | archive | help
On Tue, 21 Aug 2001, Crist J. Clark wrote: > On Tue, Aug 21, 2001 at 06:47:09PM -0500, c.s. (maneo) peron wrote: > > > > True you could use ipfw, however i dont believe you can filter > > a group when using ipf. (correct me if iam wrong) Right; please note I acknowledged the fact that you could attain the same results with ipfw. & Please note that I was referencing IPF not to be confused with IPFW when I said I was unsure of the group filtering. I believe that was clear & self evident. ipf != ipfw. regards > > You are wrong. ipfw(8) says, > > uid user > Match all TCP or UDP packets sent by or received for a > user. A user may be matched by name or identification > number. > > gid group > Match all TCP or UDP packets sent by or received for a > group. A group may be matched by name or identification > number. > > -- > Crist J. Clark cjclark@alum.mit.edu > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010821211357.B23012-100000>