I'm running a dedicated machine on RHEL (CentOS 6.3) that runs with multiple IP addresses. Multiple users also have access to the machine, on non-superuser accounts. I would like to prevent them from binding to certain addresses.
I do know that Linux can restrict ports for non-root users, as is currently done for ports smaller than or equal to 1024. If I wanted to prevent access to a specific IP address such as 0.0.0.0
, or a range such as 127.0.0.0/8
, would doing so be possible, and if so, how would it be done?
Or inversely, how would I deny all access to bind to any IP addresses, and grant access to individual addresses by user?