-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 04/15/2011 12:16 PM, Christoph A. wrote: > Hi, > > I'd like to redirect traffic (for transparent proxying) coming from a > program running in a sandbox_net_t (or sandbox_web_t) sandbox, but as > far as I've seen there is no possibility to match/mark packets based on > there local security context origin. > > Is that idea somehow possible? > > thanks, > Christoph A. > > > > > -- > selinux mailing list > selinux@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/selinux I am not sure about proxying, but you can force all packets from the sandbox to go to a proxy server and block them if they tried to go direct. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAk2ocRoACgkQrlYvE4MpobOghQCfXCVcsFSlb7PLnvQoJnEVist5 sfoAnA2vNM1AWgwopCC+haney3Y7hdC6 =FJCo -----END PGP SIGNATURE----- -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
