head	1.2;
access;
symbols;
locks; strict;
comment	@# @;


1.2
date	2001.04.19.22.25.17;	author drobbins;	state dead;
branches;
next	1.1;

1.1
date	2001.04.19.16.31.18;	author drobbins;	state Exp;
branches;
next	;


desc
@@


1.2
log
@updates
@
text
@#!/bin/bash

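# Deny new outgoing TCP connections made by one local user.
# Usage: <script> UID {on/off}
#   on  - insert a REJECT (tcp-reset) rule for NEW connections owned by UID
#   off - delete that rule again
# remember to chmod u+s /usr/bin/ssh for this to work with ssh
# NOTE(review): a setuid ssh binary enlarges the privileged attack surface;
# confirm it is still required before applying that chmod.

# The PREFIX token on the next line looks like an install-time placeholder;
# it is left exactly as found.
source ##PREFIX##/share/dynfw.sh

# args, rec_check, record and unrecord come from dynfw.sh (not visible here).
args 2 $# "${0} UID {on/off}" "Reject all new outgoing TCP connections made by user UID"

# Every expansion of $1 is quoted: the value ends up on an iptables command
# line, and an unquoted value containing whitespace or glob characters would be
# split into additional words instead of being passed as a single UID.
if [ "$2" == "on" ]
then
	rec_check user-outblock "$1" "$1 already blocked" on
	record user-outblock "$1"
	INSERT="-I"
elif [ "$2" == "off" ]
then
	rec_check user-outblock "$1" "$1 not currently blocked" off
	unrecord user-outblock "$1"
	INSERT="-D"
else
	# Diagnostics go to stderr so they are not mistaken for normal output.
	echo "Error: \"off\" or \"on\" expected as second argument" >&2
	exit 1
fi

# record/unrecord have already run at this point, so a failed iptables call must
# not be reported as success: the operator would believe the block is active
# (or lifted) while the rule set says otherwise.
if ! iptables "${INSERT}" OUTPUT -p tcp -m owner --uid-owner "${1}" -m state --state NEW -j REJECT --reject-with tcp-reset
then
	echo "Error: iptables failed; the user-outblock record for ${1} may not match the active rules" >&2
	exit 1
fi
echo "UID ${1} block ${2}."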
@


1.1
log
@added dynamic firewalling tools project page
@
text
@@

