summaryrefslogtreecommitdiffstats
path: root/extensions/libxt_owner.man
diff options
context:
space:
mode:
author/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net </C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net>2008-01-20 13:21:38 +0000
committer/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net </C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net>2008-01-20 13:21:38 +0000
commit1a921f6a9f11ec2f43e5417d9c4a37b8877fd524 (patch)
treeaaf730a96d73a6dfa0a84db89a84799b86decc30 /extensions/libxt_owner.man
parent245a69add9e3195b2b4a596a3104e49a17b47017 (diff)
[PATCH]: libxt_owner
libxt_owner merges libipt_owner and libip6t_owner, and adds support for the xt_owner match revision 1. Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de>
Diffstat (limited to 'extensions/libxt_owner.man')
-rw-r--r--extensions/libxt_owner.man16
1 files changed, 16 insertions, 0 deletions
diff --git a/extensions/libxt_owner.man b/extensions/libxt_owner.man
new file mode 100644
index 0000000..add2369
--- /dev/null
+++ b/extensions/libxt_owner.man
@@ -0,0 +1,16 @@
+This module attempts to match various characteristics of the packet creator,
+for locally generated packets. This match is only valid in the OUTPUT and
+POSTROUTING chains. Forwarded packets do not have any socket associated with
+them. Packets from kernel threads do have a socket, but usually no owner.
+.TP
+\fB--uid-owner\fR \fIuserid\fR
+Matches if the packet socket's file structure (if it has one) is owned by the
+given user ID. A user name may be specified in place of \fIuserid\fR, in which
+case iptables will try to look it up.
+.TP
+\fB--gid-owner\fR \fIgroupid\fR
+Matches if the packet socket's file structure is owned by the given group ID.
+A group name may be specified in place of \fIgroupid\fR.
+.TP
+\fB--socket-exists\fR
+Matches if the packet is associated with a socket.