Re: creating rules regarding to a command name
March 5, 2006, 12:14,
> March 5, 2006, 12:02,
> Stephan Balmer <firstname.lastname@example.org>
> -> email@example.com,:
> > > > I want to create a rule with iptables, which applies to any traffic
> > > > which is created by a given command name. Is this possible?
> > >
> > > I mean I want to mark the packets created for example by the 'telnet'
> > > executable.
> > Try the owner match
> > http://iptables-tutorial.frozentux.net/iptables-tutorial.html#OWNERMATCH
> > and make sure you have the ipt_owner module loaded
> Ooh thanks, sorry, I thought it only works for the owner of a process, the
> user id.
Could anyone tell me please what is wrong with this:
# /sbin/iptables -t mangle -A OUTPUT -m owner --cmd-owner my_exec -j MARK
iptables: Invalid argument
I have loaded the ipt_owner, iptables_mangle and ipt_MARK modules.
And I have this line in my kernel log:
ipt_owner: pid, sid and command matching not supported anymore
Then why are these options in the man page and all of the howtos?
Does this mean that I have a kernel which has a version of this module which
doesn't support this feature?
$ uname -r