| Henrik Nordstrom | c279413 | 2004-01-22 15:04:24 +0000 | [diff] [blame] | 1 | This module attempts to match various characteristics of the packet |
| 2 | creator, for locally-generated packets. It is only valid in the |
| 3 | .B OUTPUT |
| Yasuyuki KOZAKAI | 28e5b79 | 2006-01-30 08:50:09 +0000 | [diff] [blame] | 4 | chain, and even this some packets (such as ICMPv6 ping responses) may |
| Henrik Nordstrom | c279413 | 2004-01-22 15:04:24 +0000 | [diff] [blame] | 5 | have no owner, and hence never match. This is regarded as experimental. |
| 6 | .TP |
| 7 | .BI "--uid-owner " "userid" |
| 8 | Matches if the packet was created by a process with the given |
| 9 | effective user id. |
| 10 | .TP |
| 11 | .BI "--gid-owner " "groupid" |
| 12 | Matches if the packet was created by a process with the given |
| 13 | effective group id. |
| 14 | .TP |
| 15 | .BI "--pid-owner " "processid" |
| 16 | Matches if the packet was created by a process with the given |
| 17 | process id. |
| 18 | .TP |
| 19 | .BI "--sid-owner " "sessionid" |
| 20 | Matches if the packet was created by a process in the given session |
| 21 | group. |
| Patrick McHardy | 373f8e9 | 2004-10-03 20:36:54 +0000 | [diff] [blame] | 22 | .TP |
| 23 | .B NOTE: pid, sid and command matching are broken on SMP |