I am using Ubuntu 14.04 desktop. I want to block certain applications from accessing internet and allow some. Can this be done using UFW ? If yes, how ? If no, can it be done by any other method ? I do not want to use GUFW. I am able to block by IP but not by applications.
1 Answer
( year 2018 ) Not possible.
Exists only artificial dentures which only can allow or block port from /etc/ufw/applications.d/ or from /etc/services. Similar problem exist with iptables. However iptables also have or had "-m owner --gid-owner" module. https://unix.stackexchange.com/questions/373703/unable-to-get-iptables-owner-module-gid-owner-to-work#373783
-
2Iptables also had " --pid-owner processid " . But script which will with path ( to app ) search pid inside "ps -aux" | grep "/path/to/app", and which will refresh iptable rules with new pid , probably you need build alone.– guestCommented Dec 5, 2018 at 18:39