On Thursday, May 31, 2012 10:30:24 AM Jason Axelson wrote: > Hi Paul, > > Thanks for the information. Since I'm not using labeled IPsec or CIPSO > I've resorted to just removing access to the packet type in the policy > to check that those packets have the label I expect based on the > generated AVC log. So is it theoretically possible to add secmark > support to tcpdump? It sounds like it might require a change in the > kernel. Unfortunately, because secmark labels do not exist in the packet itself, it is impossible to add secmark support to tcpdump or any other packet sniffer for that matter. -- paul moore www.paul-moore.com -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
