IP ACL reverse policy

Posted: Wed Jul 16, 2003 11:26 am
by gt
I want to enforce the following role:

/usr/bin/mozilla is allowed to connect to every IP but those of my LAN (i.e. 192.168.1.0/24).

I understand that the default policy of the connect-statement is to deny every connection but the specified IPs.
At the moment (using grsec-2.0-rc1) there seems to be no way to achieve that. Am I missing something here?

If not, I would like to request a feature:
Implementation of a reverse policy "accept", which grants every connection to all IPs but to the specified ones (analogous to iptables).

Thanks in advance for any ideas.

Posted: Mon Jul 21, 2003 7:38 pm
by spender
I'll implement that for 2.0-rc3.

-Brad