Thanks Patrick! I gave a quick look in the patches and I think they will help me a lot. On Tue, Jan 25, 2011 at 11:06 AM, Patrick McHardy <kaber@xxxxxxxxx> wrote: > On 25.01.2011 13:04, Glauco Junquera wrote: >> Hi All, >> >> Iptables can filter output traffic by uid, for example iptables -A >> OUTPUT -m owner --uid-owner 100 -p udp -j DROP. >> I need to implement the same for input traffic. Anyone have any idea >> of how can i do it (where i must start)? I am new to netfilter >> development i tried some simple modifications on code with no success. >> I would really appreciate any kind of help. > > I've added socket layer hooks a couple of years ago for that > purpose, but we've never merged it. James Morris based some > work on them, I think this should be the latest version: > > http://people.redhat.com/jmorris/selinux/skfilter/kernel/ > -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
