Hello,

I'm trying to find a way to restrict network access to the local subnet for
some programs. I've found that in AppArmor documentation there is a mention
of such a possibility (
http://wiki.apparmor.net/index.php/ProfileLanguage#Network_rules) - ipv4
address expressions and address masks, but I can't find a working example
of such a rule.

What I tried to do is to use a rule like this:

network inet raw dst 10.0.2.0/24,

but all my attempts were unsuccessful - "syntax error, unexpected TOK_ID,
expecting TOK_END_OF_RULE".

I'm using AppArmor parser version 2.7.102.

Could you please advise if there is such a possibility to restrict network
access using the development version of AppArmor (3.0) in old versions of
Ubuntu, namely 10.04 and 12.04?

Kind regards,

Vladimir.