On Sun, Sep 23, 2018 at 08:26:15PM +0200, Christian Göttsche wrote: > Add the ability to set the security context of packets within the nf_tables > framework. > Add a nft_object for holding security contexts in the kernel and manipulating > packets on the wire. > > Convert the security context strings at rule addition time to security > identifiers. > This is the same behavior like in xt_SECMARK and offers better performance > than computing it per packet. > > Set the maximum security context length to 256.
Applied, thanks Christian. _______________________________________________ Selinux mailing list [email protected] To unsubscribe, send email to [email protected]. To get help, send an email containing "help" to [email protected].
