Hello, Yang Zhang wrote:
Hi, is it possible to filter (local origin/destination) packets on process or application? My understanding is that iptables doesn't do this, but are there any other system facilities in Linux that make this possible? Thanks in advance.
The owner module (xt_owner) matches the owner of the socket # iptables -m owner --help iptables v1.4.4 [...] owner match options: [!] --uid-owner userid[-userid] Match local UID [!] --gid-owner groupid[-groupid] Match local GID [!] --socket-exists Match if socket exists man iptables for more details ;)
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature