March 5, 2006, 12:14, LeVA <[EMAIL PROTECTED]> -> [email protected]:
> March 5, 2006, 12:02,
> Stephan Balmer <[EMAIL PROTECTED]>
>
> -> [email protected]:
> > > > I want to create a rule with iptables, which applies to any traffic
> > > > which is created by a given command name. Is this possible?
> > >
> > > I mean I want to mark the packets created for example by the 'telnet'
> > > executable.
> >
> > Try the owner match
> >
> > http://iptables-tutorial.frozentux.net/iptables-tutorial.html#OWNERMATCH
> > and make sure you have the ipt_owner module loaded
>
> Ooh thanks, sorry, I thought it only works for the owner of a process, the
> user id.

Could anyone tell me please what is wrong with this:

# /sbin/iptables -t mangle -A OUTPUT -m owner --cmd-owner my_exec -j MARK --set-mark 1
iptables: Invalid argument

I have loaded the ipt_owner and the iptables_mangle and ipt_MARK modules.
And I have this line in my kernel log:

ipt_owner: pid, sid and command matching not supported anymore

Then why are these options in the man page, and all of the howtos? Does
this mean that I have a kernel which has a version of this module which
doesn't support this feature?

$ uname -r
2.6.15-ck4

Thanks!
Daniel

--
LeVA

