• Status: Solved
  • Priority: Medium
  • Security: Public

iptables rules per user or application

I want to script some iptables rules only for a specific application, like a personal firewall on Windows, but the iptables module is not working on multicore CPUs.

Is there another way?

Commands like the following are not working on SMP systems:
iptables -A OUTPUT -m owner --uid-owner 315 -m state --state NEW -j ACCEPT
iptables -A OUTPUT -m owner --uid-owner 315 --cmd-owner firefox -p tcp -m multiport \
--dport 80,443 -m state --state NEW -j ACCEPT


1 Solution
> Is there another way?

Probably yes, but not with iptables and not with such control granularity as with iptables. You can try to use SELinux network ACL features.

Don't ask me, I never tested it :-)
Question has a verified solution.
