Restrict Port range to a user

linux port

On a server with several users I'm looking to reserve port ranges so that only one user has access to a specific port range, IE

user1: 2000-2005
user2: 2006,3003
user3: 1025

In doing so, an application spawned by that user can only access ports allotted to that user. All other ports would fail to bind. Is there a way to do this on a Linux (Ubuntu) server?


I don't know if iptables owner module would help you, it will allow you to apply rules regarding the owner. You could do something like:

iptables -I OUTPUT -m owner --uid-owner=pmartinez -p tcp -m multiport --sports 2000:2005 -j ACCEPT
iptables -I OUTPUT -m owner --uid-owner=pmartinez -j REJECT

That won't avoid binding but it will block all traffic and only allow the specified ports.

Related

Cannot Login to RDP on Server 2003 r2
SSL Re-negotiation handshake failed - slow page loads
Setting up Multicast NLB Cluster with HP 6120XG Switch
CentOS 5.6 Update Version Of Tar
Collecting FusionIO inventory
In mysql I want to set lower_case_table_names=1 on existing databases to avoid cases-sensitivity issues accross multiple platforms
Upgraded users to Win7. Now getting "path not found" when saving files or opening attachments
OpenVPN server cannot ping client IPs
Are SSL Client Certificates well supported by all major browsers?
Powershell 2: How to strip a specific character from a body of ASCII text
Powershell 2 and Exchange: Find conflicting objects
Remote Desktop Connection Denied because the user account is not authorized for remote login