I was going over the docs wrt banning with iptables

> In most Linux installations iptables will be owned by root, and thus MIS
> will not have access to use the command. You will need to chown iptables so
> the BBS user can access it, or chmod it so all users can use it.

This won't actually work. The issue is root access to the kernel netfilter interface, not the iptables program. Most distributions don't even bother protecting the iptables binary from unprivileged users. They can't actually do anything with it. They can run it from /sbin/ owned or not, make a copy owned by themselves in their home directory and run it there or even compile their own copy and run it.

You'd need to either chmod the iptables binary setuid root (not recommended) or give the bbs user sudo permission to it and have them run it that way.

mysticbbs@guybrush Thu Dec 21 10:31:19pm
~ $ ls /sbin/iptables /usr/sbin/ipset -l
-rwxr-xr-x 1 mysticbbs mysticbbs 60704 Sep 12 02:01 /sbin/iptables
-rwxr-xr-x 1 mysticbbs mysticbbs 26560 Sep 27 17:27 /usr/sbin/ipset
mysticbbs@guybrush Thu Dec 21 10:31:27pm
~ $ /usr/sbin/ipset create test hash:ip
ipset v6.34: Kernel error received: Operation not permitted
mysticbbs@guybrush Thu Dec 21 10:31:43pm
~ $ /sbin/iptables -I INPUT -s 104.43.195.251 -j DROP
iptables v1.6.1: can't initialize iptables table `filter': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.

--- Mystic BBS v1.12 A36 2017/12/03 (Linux/64)
* Origin: Subcarrier BBS (21:2/140)
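
One way to take the sudo route described in the post above, as an added example that is not part of the original message or of Mystic BBS: a root-owned wrapper that accepts only a strict dotted-quad IPv4 address before inserting the DROP rule, so the sudoers entry can be limited to this one script instead of the whole iptables binary. The path /usr/local/sbin/bbs-ban, the function names and the sudoers line in the comment are assumptions.

```shell
#!/bin/sh
# Added example: hypothetical wrapper, assumed path /usr/local/sbin/bbs-ban.
# It must be owned by root and not writable by the BBS user.
# Assumed sudoers entry (edit with visudo), allowing only this script as root:
#   mysticbbs ALL=(root) NOPASSWD: /usr/local/sbin/bbs-ban
# The BBS would then run: sudo /usr/local/sbin/bbs-ban <address>

# Return 0 only for a strict dotted-quad IPv4 address (four octets, 0-255).
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;   # empty, non-digit, empty octet
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                                  # split the address on dots
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in 0?*) return 1 ;; esac # no leading zeros (octal ambiguity)
        [ "${#octet}" -le 3 ] || return 1
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Insert a DROP rule for one validated address; refuse anything else.
ban_ip() {
    if ! is_ipv4 "$1"; then
        echo "bbs-ban: refusing invalid address" >&2
        return 2
    fi
    if [ "$(id -u)" -ne 0 ]; then
        echo "bbs-ban: must run as root (via sudo)" >&2
        return 1
    fi
    /sbin/iptables -I INPUT -s "$1" -j DROP
}

# Act only when called with an argument, so the file can also be sourced.
if [ "$#" -gt 0 ]; then
    ban_ip "$1"
fi
```

Because the address is checked before it reaches iptables, input such as an extra option or a CIDR range of /0 is rejected rather than executed with root privileges.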