blob: add236900fa1c2b4bdc0599aac762cb4ff2a156b (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
|
This module attempts to match various characteristics of the packet creator,
for locally generated packets. This match is only valid in the OUTPUT and
POSTROUTING chains. Forwarded packets do not have any socket associated with
them. Packets from kernel threads do have a socket, but usually no owner.
.TP
\fB--uid-owner\fR \fIuserid\fR
Matches if the packet socket's file structure (if it has one) is owned by the
given user ID. A user name may be specified in place of \fIuserid\fR, in which
case iptables will try to look it up.
.TP
\fB--gid-owner\fR \fIgroupid\fR
Matches if the packet socket's file structure is owned by the given group ID.
A group name may be specified in place of \fIgroupid\fR.
.TP
\fB--socket-exists\fR
Matches if the packet is associated with a socket.
|
