mobility and firewall
Michael R Head
burner at suppressingfire.org
Sat Jun 4 02:32:55 CDT 2005
On Sat, 2005-06-04 at 03:29 -0400, Dmitriy Kropivnitskiy wrote:
> On Sat, 2005-06-04 at 18:42 +1200, Christoph Georgi wrote:
> > $IPTABLES -A OUTPUT -p TCP --dport http -m owner --cmd-owner firefox -j
> > ACCEPT
> >
> > $IPTABLES -A OUTPUT -p TCP --dport http -m owner --cmd-owner firefox-bin
> > -j ACCEPT
> >
> > That should do the trick?!
>
> Does that actually work? Gotta try. But I still don't see any way to add
> such rules dynamically, the way Zone Alarm does.
Perhaps firestarter could be modified use this?
Still, it's not very helpful unless it uses the full path to the
executable.
--
Michael R Head <burner at suppressingfire.org>
GPG: http://www.suppressingfire.org/~burner/gpg.key.txt (ID 23A02B1F)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.ubuntu.com/archives/ubuntu-devel/attachments/20050604/1dbbf8a9/attachment.pgp
More information about the ubuntu-devel
mailing list