Is it possible in a Linux environment to restrict the use of the network to selected applications only?
Let's just say I have a very limited prepaid data limit on a mobile modem and I want to use that data limit only to connect to SSH, while restricting every other application from accessing the network at all.
Is there any solution to this? It would be best if it is also easy to return to normal.
iptables, the Linux firewall, can do this.
Remember not to do this over a remote SSH session.
The first rule will flush the existing firewall rules, the second and third block incoming and outgoing traffic respectively. The fourth rule blocks FORWARDs but that's probably largely irrelevant for you. You can then add entries for traffic you wish to allow as below.
You haven't specified your Linux flavour but you can execute these commands on the command line and then use iptables-save to save your configuration. Alternatively, you can edit /etc/sysconfig/iptables (on a RHEL based distribution, likely elsewhere on others?) and save these commands (minus the iptables prefix, i.e., -A INPUT -p tcp --dport 22 -j ACCEPT) and then load them using iptables-restore.

You can further secure or limit SSH connections by using the rules below. The following rules allow incoming SSH connections only from the 192.168.100.X network.
iptables -A INPUT -i eth0 -p tcp -s 192.168.100.0/24 --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT
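
For the case in the question (outgoing SSH only, and an easy way back to normal), here is an added example that is not part of the original answers: it saves the current rules with iptables-save, loads a default-DROP ruleset that permits only loopback and outbound SSH, and restores the saved rules on request. The interface name ppp0, the backup path and the function names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: SSH-client-only policy with a rollback path.
# Assumptions (not from the page): modem interface ppp0, backup file below.
BACKUP="${BACKUP:-/root/iptables.before-ssh-only}"

# Print an iptables-restore ruleset: default DROP on every chain, then
# allow loopback, new outbound SSH on the given interface, and replies.
ssh_only_ruleset() {
    ifc="$1"
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -o $ifc -p tcp --dport 22 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
-A INPUT -i $ifc -p tcp --sport 22 -m conntrack --ctstate ESTABLISHED -j ACCEPT
COMMIT
EOF
}

# Save the running rules first, then swap in the restrictive set in one
# iptables-restore call so there is no half-applied state.
lockdown() {
    iptables-save > "$BACKUP" || return 1
    ssh_only_ruleset "$1" | iptables-restore
}

# Return to normal by reloading the rules saved by lockdown.
unlock() {
    iptables-restore < "$BACKUP"
}

# Usage (as root, from a local console): script on [interface] | script off
case "${1:-}" in
    on)  lockdown "${2:-ppp0}" ;;
    off) unlock ;;
esac
```

DNS is not allowed by this ruleset, so connect by IP address or add a rule for the resolver you use. IPv6 traffic is filtered separately by ip6tables and is not touched here.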