My system is Debian 10 with nftables. The output of nethogs is as below:
? root 192.168.2.10:59100-172.217.27.138:443
? root 192.168.2.10:59086-172.217.27.138:443
? root 192.168.2.10:59082-172.217.27.138:443
? root 192.168.2.10:59062-172.217.27.138:443
? root 192.168.2.10:59058-172.217.27.138:443
? root 192.168.2.10:59054-172.217.27.138:443
? root 192.168.2.10:59030-172.217.27.138:443
? root 192.168.2.10:59026-172.217.27.138:443
? root 192.168.2.10:42314-27.19.249.194:443
? root 192.168.2.10:49788-216.58.200.234:443
I ran `ss -pl | grep 59100` but got nothing, so I plan to block all root processes from making network connections.
How do I do it?
With iptables, this would be rather easy with the owner match extension:

Likewise, nftables has matching by socket UID / GID:
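As an added worked example (my own, not the answer author's rules and not from the original post), here is a small POSIX shell script that emits both forms of the rule described above: an nftables ruleset using `meta skuid` and the iptables equivalent using `-m owner --uid-owner`. It assumes the nft binary shipped with Debian 10 and a hypothetical table/chain name `filter`/`root_output`; the `accept` mode exists so you can first log what root is sending (the log lines carry OUT=, DST= and DPT=, which you can then correlate with `ss -tnp`) before switching the verdict to `drop`. Two caveats worth knowing before you apply it: `ss -pl` only lists listening sockets, so an outbound connection such as 192.168.2.10:59100 will never appear there (use `ss -tnp` instead), and a blanket drop on UID 0 will also hit root-owned daemons such as the DHCP client and apt, which is why the observe phase is there.

```shell
#!/bin/sh
# Added example: generate and apply a rule that stops root (UID 0) from
# opening new outbound connections. Table/chain names are hypothetical.
# Loopback and already-established flows are left alone so local services
# and existing sessions keep working.

# Print an nftables ruleset. $1 is the verdict applied to new root-owned
# packets: "accept" (log only, observe phase) or "drop" (enforce, default).
nft_root_block_ruleset() {
    verdict="${1:-drop}"
    case "$verdict" in
        drop|accept) ;;
        *) echo "usage: nft_root_block_ruleset [drop|accept]" >&2; return 2 ;;
    esac
    cat <<EOF
table inet filter {
    chain root_output {
        type filter hook output priority 0; policy accept;
        oif "lo" accept
        ct state established,related accept
        meta skuid 0 ct state new log prefix "root-out: " counter $verdict
    }
}
EOF
}

# Print the iptables equivalent (IPv4 only; the owner match is only valid
# in the OUTPUT and POSTROUTING chains).
iptables_root_block_rules() {
    cat <<'EOF'
iptables -A OUTPUT -o lo -j ACCEPT
iptables -A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -m owner --uid-owner 0 -m conntrack --ctstate NEW -j LOG --log-prefix "root-out: "
iptables -A OUTPUT -m owner --uid-owner 0 -m conntrack --ctstate NEW -j DROP
EOF
}

# Syntax-check and load the nftables ruleset. Needs root and nft; when
# either is missing the ruleset is printed instead so it can be reviewed.
apply_nft_root_block() {
    mode="${1:-drop}"
    if [ "$(id -u)" -ne 0 ] || ! command -v nft >/dev/null 2>&1; then
        echo "apply_nft_root_block: needs root and nft; printing ruleset instead" >&2
        nft_root_block_ruleset "$mode"
        return 1
    fi
    nft_root_block_ruleset "$mode" | nft -c -f /dev/stdin || return 1
    nft_root_block_ruleset "$mode" | nft -f /dev/stdin
}

# Usage when run directly: observe first, enforce once you know what breaks.
#   sh this_script.sh accept   # log only
#   sh this_script.sh drop     # enforce
if [ "${0##*/}" != "sh" ] && [ -n "$1" ]; then
    apply_nft_root_block "$1"
fi
```

Watch the log with `journalctl -k -f | grep root-out:` (or `dmesg -w`) during the observe phase; anything that must keep working (package updates, DHCP renewals, NTP) gets its own `accept` rule above the `meta skuid 0` line before you flip the verdict to `drop`.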