Allowing users to access certain ports on server

access-control, networking, permissions, rhel

I have an RHEL 6 system which has 20 users. I have 20 ports on which separate versions of a service are running. I want user a to access port a, but not other ports. Is there a way to do this (possibly by modifying iptables)?

Best Answer

You can use the "owner" iptables module to do this. As an example, to restrict port 999 to the user 'fred' only, you can use:

iptables -I OUTPUT -p tcp --dport 999 -j REJECT
iptables -I OUTPUT -p tcp --dport 999 -m owner --uid-owner fred -j ACCEPT

The above rules are inserted at the top of the OUTPUT chain, so the order is reject, then accept.
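Scaling the answer's two-rule pattern to the asker's 20 user/port pairs is mostly bookkeeping, and the one thing that must not go wrong is the insertion order: both rules use -I, so REJECT has to be issued first for ACCEPT to end up above it. The script below is an added example, not part of the original answer; it generates the rule list from a user:port table (the three pairs shown are constructed sample data, not the asker's real mapping) and refuses malformed ports rather than emitting a rule that iptables would reject half-way through a batch. It assumes the legacy IPv4 iptables on RHEL 6 with the xt_owner match; IPv6 services would need the same rules via ip6tables. One caveat worth keeping in mind with this approach: the owner match only sees locally generated packets, so these rules control which local users may connect to which port from the server itself; they do nothing for clients connecting over the network.

```shell
#!/bin/sh
# Added example: generate per-user "owner" rules for a table of user:port pairs.
# Assumes RHEL 6 style legacy iptables (IPv4) with the xt_owner match available.

# user:port pairs, one per line. This is a constructed sample mapping; replace it
# with the real user/port layout of the 20 service instances.
USER_PORT_MAP="alice:9001
bob:9002
carol:9003"

# Emit the two commands for one user/port pair. Both use -I (insert at the top of
# OUTPUT), so printing REJECT first and ACCEPT second leaves ACCEPT above REJECT
# once both have run, matching the ordering in the answer above.
rules_for() {
    user=$1
    port=$2
    # Reject anything that is not a plain decimal number (empty, letters, spaces).
    case $port in
        ''|*[!0-9]*) echo "invalid port '$port' for user '$user'" >&2; return 1 ;;
    esac
    # Valid TCP port range only; avoids feeding iptables a value it will refuse.
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "port $port out of range for user '$user'" >&2
        return 1
    fi
    printf 'iptables -I OUTPUT -p tcp --dport %s -j REJECT\n' "$port"
    printf 'iptables -I OUTPUT -p tcp --dport %s -m owner --uid-owner %s -j ACCEPT\n' "$port" "$user"
}

# Walk the whole mapping and print the complete rule set. Review the output, then
# pipe it to `sh` as root to apply; a bad line aborts generation with status 1 so
# nothing partial gets applied.
gen_owner_rules() {
    echo "$1" | while IFS=: read -r user port; do
        [ -n "$user" ] || continue          # skip blank lines
        rules_for "$user" "$port" || exit 1 # exit the subshell, failing the pipeline
    done
}

# Sanity check helper: every valid pair must yield exactly two rules.
count_rules() {
    gen_owner_rules "$1" | wc -l | tr -d ' '
}

gen_owner_rules "$USER_PORT_MAP"
```

Because the REJECT rule matches everyone, including root, a user not listed for a port (root included) is cut off from it; if an administrative account needs to reach every instance, add an explicit ACCEPT for that uid on each port in the same way.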
