/proc/self/attr/current will tell you the Smack label of the process. The mapping of Smack label to CIPSO tag is in /sys/fs/smackfs/cipso2. If you are running an older system it might be in /smack/cipso2. Netfilter support is relatively recent. What kernel version and Smack configuration options (grep for “SMACK” in the kernel configuration file) you have set. What kernel revision are you looking at?
From: Dev [mailto:dev-boun...@lists.tizen.org] On Behalf Of Saulo A. Moraes Sent: Tuesday, February 14, 2017 4:08 PM To: dev@lists.tizen.org Subject: Re: [Dev] Debug CIPSO content I can see the CIPSO label in "/proc/self/attr/current" (maybe some cipso parameters are missing here?). But when network packet label is included? Can label be filtered in nfqueue? Sent: Monday, February 13, 2017 at 10:03 PM From: "Schaufler, Casey" <casey.schauf...@intel.com<mailto:casey.schauf...@intel.com>> To: "Saulo A. Moraes" <sa...@gmx.com<mailto:sa...@gmx.com>>, "dev@lists.tizen.org<mailto:dev@lists.tizen.org>" <dev@lists.tizen.org<mailto:dev@lists.tizen.org>> Subject: RE: [Dev] Debug CIPSO content You can find the Smack label to CIPSO packet mapping in /sys/fs/smackfs/cipso2 From: Dev [mailto:dev-boun...@lists.tizen.org] On Behalf Of Saulo A. Moraes Sent: Monday, February 13, 2017 3:53 PM To: dev@lists.tizen.org<mailto:dev@lists.tizen.org> Subject: [Dev] Debug CIPSO content Hi, What is the easiest way to debug/log CIPSO content from packet going to network output/internet? Tks
_______________________________________________ Dev mailing list Dev@lists.tizen.org https://lists.tizen.org/listinfo/dev
