Ping a Specific Port

Question

corsiKa

Asked: 2011-04-26 10:23:00 +0800 CST2011-04-26 10:23:00 +0800 CST 2011-04-26 10:23:00 +0800 CST

block program with iptables

772

I have two programs both of which are in Java.

Program A was written by me. If it wants to establish an external connection, I'm okay with this.

Program B was not written by me. If it wants to establish an external connection, I'm not okay with this.

How can I configure iptables to allow java A to make outgoing connections, but java B to be denied?

If iptables can't be used for this, what other options do I have?

2 Answers

Voted

Mark Wagner · Answer 1 · 2011-04-26T10:53:07+08:00

Best Answer

Mark Wagner

2011-04-26T10:53:07+08:002011-04-26T10:53:07+08:00

If you run the programs as different users you can use the owner module.

iptables -A OUTPUT -m owner --uid-owner javaauser -j ACCEPT
iptables -A OUTPUT -m owner --uid-owner javabuser -j REJECT

4

coredump · Answer 2 · 2011-04-26T10:33:16+08:00

coredump

2011-04-26T10:33:16+08:002011-04-26T10:33:16+08:00

You must block the port that the program you don't want external access uses. Suppose it uses port 30000:

 # iptables -A OUTPUT -s 0/0 -d 0/0 -p tcp --dport 30000 -j DROP

This is a simple rule, you can learn more on this simple howto. Depending on what distribution you use, you can also try AppArmor, a kernel level application firewall.

0

block program with iptables

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Resolve host name from IP address

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?