
Re: OpenBSD (Network) ACLs



Andi <andi@void.at> writes:

> Hi,
> 
> I'm a system administrator for an OpenBSD server. I have
> approximately 25 users and I don't want every user
> to be able to use bind()/connect() with/to any address/port. Therefore
> I wrote a kernel patch to restrict bind()/connect() for users.
> The communication is done via another pseudo device over ioctl.
> 
> More Info:
> http://void.at/~andi/openbsdacl/
> 
> What do you think about it?

I think you should take a look at systrace(1). It does this and much more,
and it's included in OpenBSD 3.2.

-- 
--- Hans Insulander <hin@hin.nu>, SM0UTY -------------------------------
Gravity never loses. The best you can hope for is a draw.