On Monday 2010-12-06 13:26, Ferenc Wagner wrote: >> >>> I opened http://bugzilla.netfilter.org/show_bug.cgi?id=683 >> >> This was done on purpose by me, because username resolution usually does >> not take ages like DNS, and user ids can actually change if you copy a >> ruleset to another machine (this is much more unlikely to be the case >> with DNS). > >This is indeed true if you only use a local passwd and group database. (Is your LDAP _that_ slow?) The change is now in git://dev.medozas.de/iptables . parent d4105ad56335058af4b0b1be1278e01f5c0bd4ac (v1.4.9-35-gd4105ad) commit f3578faae096f191a44742777275a23b566d7566 Author: Jan Engelhardt <jengelh@xxxxxxxxxx> Date: Mon Dec 6 13:32:58 2010 +0100 libxt_owner: output numeric IDs when save is requested References: http://bugzilla.netfilter.org/show_bug.cgi?id=683 Signed-off-by: Jan Engelhardt <jengelh@xxxxxxxxxx> --- extensions/libxt_owner.c | 6 +++--- 1 files changed, 3 insertions(+), 3 deletions(-) diff --git a/extensions/libxt_owner.c b/extensions/libxt_owner.c index 4015f13..867ed49 100644 --- a/extensions/libxt_owner.c +++ b/extensions/libxt_owner.c @@ -558,9 +558,9 @@ static void owner_mt_save(const void *ip, const struct xt_entry_match *match) { const struct xt_owner_match_info *info = (void *)match->data; - owner_mt_print_item(info, "--socket-exists", XT_OWNER_SOCKET, false); - owner_mt_print_item(info, "--uid-owner", XT_OWNER_UID, false); - owner_mt_print_item(info, "--gid-owner", XT_OWNER_GID, false); + owner_mt_print_item(info, "--socket-exists", XT_OWNER_SOCKET, true); + owner_mt_print_item(info, "--uid-owner", XT_OWNER_UID, true); + owner_mt_print_item(info, "--gid-owner", XT_OWNER_GID, true); } static struct xtables_match owner_mt_reg[] = { -- # Created with git-export-patch -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
