How to disable internet for a user on a system

security networking internet firewall users

I know about changing owners/permissions on particular programs/files, but how can I control which users have access to the network card (NIC) or have the power to create network sockets?


As described here, you can block all Internet access for certain users using this iptables command:

sudo iptables -A OUTPUT -m owner --uid-owner {USERNAME} -j REJECT
sudo ip6tables -A OUTPUT -m owner --uid-owner {USERNAME} -j REJECT

If you want this command to run automatically when the system starts up, you should add it to the end of your /etc/rc.local file.

While this won't make it impossible for those users to create sockets, it will block all outgoing traffic (like a firewall).

Related

Installed Ubuntu on external drive and can't find my files
Unable to uninstall programs using sudo pip
Initialize empty matrix in Python
Arithmetic sequence Ruby
How to generate file and re-use its content with terrafrom
How to set columns titles row size in GridView
Pass custom json object in swagger with spring boot
NullPointer Exception when calling method from a difference class
C# Casting implementation of (interface with generic argument that is also an interface) results to InvalidCastException
How to understand Maven dependency tree
How to skip saturday and sunday in a cron expression?
Ways to limit Phaser3 update rate?