1
This module attempts to match various characteristics of the packet
2
creator, for locally-generated packets. It is only valid in the
4
chain, and even this some packets (such as ICMP ping responses) may
5
have no owner, and hence never match.
7
.BI "--uid-owner " "userid"
8
Matches if the packet was created by a process with the given
11
.BI "--gid-owner " "groupid"
12
Matches if the packet was created by a process with the given
15
.BI "--pid-owner " "processid"
16
Matches if the packet was created by a process with the given
19
.BI "--sid-owner " "sessionid"
20
Matches if the packet was created by a process in the given session
23
.BI "--cmd-owner " "name"
24
Matches if the packet was created by a process with the given command name.
25
(this option is present only if iptables was compiled under a kernel
26
supporting this feature)
28
.B NOTE: pid, sid and command matching are broken on SMP