diff options
author | /C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net </C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net> | 2008-01-20 13:21:38 +0000 |
---|---|---|
committer | /C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net </C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net> | 2008-01-20 13:21:38 +0000 |
commit | 1a921f6a9f11ec2f43e5417d9c4a37b8877fd524 (patch) | |
tree | aaf730a96d73a6dfa0a84db89a84799b86decc30 /extensions/libxt_owner.man | |
parent | 245a69add9e3195b2b4a596a3104e49a17b47017 (diff) |
[PATCH]: libxt_owner
libxt_owner merges libipt_owner and libip6t_owner, and adds support
for the xt_owner match revision 1.
Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de>
Diffstat (limited to 'extensions/libxt_owner.man')
-rw-r--r-- | extensions/libxt_owner.man | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/extensions/libxt_owner.man b/extensions/libxt_owner.man new file mode 100644 index 0000000..add2369 --- /dev/null +++ b/extensions/libxt_owner.man @@ -0,0 +1,16 @@ +This module attempts to match various characteristics of the packet creator, +for locally generated packets. This match is only valid in the OUTPUT and +POSTROUTING chains. Forwarded packets do not have any socket associated with +them. Packets from kernel threads do have a socket, but usually no owner. +.TP +\fB--uid-owner\fR \fIuserid\fR +Matches if the packet socket's file structure (if it has one) is owned by the +given user ID. A user name may be specified in place of \fIuserid\fR, in which +case iptables will try to look it up. +.TP +\fB--gid-owner\fR \fIgroupid\fR +Matches if the packet socket's file structure is owned by the given group ID. +A group name may be specified in place of \fIgroupid\fR. +.TP +\fB--socket-exists\fR +Matches if the packet is associated with a socket. |