Date: Wed, 07 May 2003 15:17:10 -0000 From: alex <nowhere@phobgate.de> To: Daniela <dgw@liwest.at>, ipfw@FreeBSD.org Subject: Re: Allow all traffic for a specific process Message-ID: <130328252.957652342@[192.168.2.94]> In-Reply-To: <200305062208.06242.dgw@liwest.at> References: <200305062208.06242.dgw@liwest.at>
next in thread | previous in thread | raw e-mail | index | archive | help
run process under own user and/or group id, then use ipfw rule with uid and/or gid option ipfw manual says: uid user Match all TCP or UDP packets sent by or received for a user. A user may be matched by name or identification number. gid group Match all TCP or UDP packets sent by or received for a group. A group may be matched by name or identification number. i've used this options for shell accounts to share bandwith between users --On Dienstag, 6. Mai 2003 22:08 +0000 Daniela <dgw@liwest.at> wrote: > Hi all! > > Does IPFW have a feature to pass all traffic destined for ports a > specific process has opened? > The process opens many rapidly changing dynamic ports, UDP and TCP, so > the keep-state rules are useless most of the time. > > If this is not possible, would it be easy to implement? > I'm still a newbie, but if it's not too hard, I think I can do it. > > Regards, > Daniela > > > _______________________________________________ > freebsd-ipfw@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw > To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?130328252.957652342>