| Patrick McHardy | ff96830 | 2006-05-24 16:15:03 +0000 | [diff] [blame] | 1 | This module copies security markings from packets to connections |
| 2 | (if unlabeled), and from connections back to packets (also only |
| 3 | if unlabeled). Typically used in conjunction with SECMARK, it is |
| 4 | only valid in the |
| 5 | .B mangle |
| 6 | table. |
| 7 | .TP |
| Jan Engelhardt | fea74bf | 2009-01-12 04:53:18 +0100 | [diff] [blame] | 8 | \fB\-\-save\fP |
| Patrick McHardy | ff96830 | 2006-05-24 16:15:03 +0000 | [diff] [blame] | 9 | If the packet has a security marking, copy it to the connection |
| 10 | if the connection is not marked. |
| 11 | .TP |
| Jan Engelhardt | fea74bf | 2009-01-12 04:53:18 +0100 | [diff] [blame] | 12 | \fB\-\-restore\fP |
| Patrick McHardy | ff96830 | 2006-05-24 16:15:03 +0000 | [diff] [blame] | 13 | If the packet does not have a security marking, and the connection |
| 14 | does, copy the security marking from the connection to the packet. |
| 15 | |