Patrick McHardy | ff96830 | 2006-05-24 16:15:03 +0000 | [diff] [blame] | 1 | This module copies security markings from packets to connections |
| 2 | (if unlabeled), and from connections back to packets (also only |
| 3 | if unlabeled). Typically used in conjunction with SECMARK, it is |
| 4 | only valid in the |
| 5 | .B mangle |
| 6 | table. |
| 7 | .TP |
| 8 | .B --save |
| 9 | If the packet has a security marking, copy it to the connection |
| 10 | if the connection is not marked. |
| 11 | .TP |
| 12 | .B --restore |
| 13 | If the packet does not have a security marking, and the connection |
| 14 | does, copy the security marking from the connection to the packet. |
| 15 | |