>Is it possible for ipfilter to distinguish outgoing packets by process
>and/or process owner that sent them?

That's a very "big" question as it covers many OSes.

In Solaris, outgoing packets do carry quite a bit of information
(process credential and often the process ID).

In Trusted Solaris (Solaris with Trusted Extensions) all networking
is labeled and you can distinguish on the basis of the label.

>My goal is to allow some kinds of outgoing connections only for some users
>(for example, only root should be allowed to make outgoing connections to
>10.10.1.0/24). Is there already any feature in ipfilter that can help me to
>do this, and if not, do you plan to implement such a thing?

It seems that in many OSes, such decisions would need to be made
at a higher level, e.g., in the connect() or sendto() system calls.

Casper
