Diffstat (limited to 'extensions/libxt_owner.man')
1 files changed, 16 insertions, 0 deletions
diff --git a/extensions/libxt_owner.man b/extensions/libxt_owner.man
new file mode 100644
@@ -0,0 +1,16 @@
+This module attempts to match various characteristics of the packet creator,
+for locally generated packets. This match is only valid in the OUTPUT and
+POSTROUTING chains. Forwarded packets do not have any socket associated with
+them. Packets from kernel threads do have a socket, but usually no owner.
+Matches if the packet socket's file structure (if it has one) is owned by the
+given user ID. A user name may be specified in place of \fIuserid\fR, in which
+case iptables will try to look it up.
+Matches if the packet socket's file structure is owned by the given group ID.
+A group name may be specified in place of \fIgroupid\fR.
+Matches if the packet is associated with a socket.