Disable internet access for particular user in Ubuntu
Posted by admin on January 9th, 2008 
Email This Post
First you need to edit the network interfaces file using the following comamnd
sudo vi /etc/network/interfaces
or
sudo gedit /etc/network/interfaces
Now you need to add the simple iptables rule to the interfaces file when the internet connection starts up
Simply add this under auto wlan0 or auto eth0 in the interfaces file
pre-up iptables -A OUTPUT -p tcp -m owner --uid-owner username -j DROP
save and exit the file.
Now you need to type in the terminal with the following command
sudo iptables -A OUTPUT -p tcp -m owner --uid-owner username -j DROP
and switch users to the username you blocked and try to access the internet.
If you want to be notified the next time we write something please subscribe to our RSS feed.Thanks for Visiting!
January 10th, 2008 at 6:51 pm
How would you turn it on again?
January 14th, 2008 at 6:27 am
Would you add:
pre-up iptables -A OUTPUT -p tcp -m owner –uid-owner username -j ACCEPT
or just delete the original /etc/network/interfaces statement?
What’s pre-up do? Couldn’t find anything on it in Google.
As of yet, I haven’t been successful in getting your original DROP statement to work–and I did change the username variable.
Note: You could also disable the user’s browser permissions but this would have the negative effect of disallowing user access to locally saved web pages. You could also disallow user access to the Internet via the PC firewall such as Firestarter /etc/host/deny for outbound traffic, or at a gateway firewall if the user account was on it’s own PC.