X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=extensions%2Flibip6t_owner.man;fp=extensions%2Flibip6t_owner.man;h=99680a6e010c5cfd12af889b0e49107b3c0aac89;hb=87eee0d249c8a07ce0c8a64430d8792aacc7870f;hp=0000000000000000000000000000000000000000;hpb=52e4f4e0628f3e80b5dae46faf617c9c78c4e04a;p=iptables.git

diff --git a/extensions/libip6t_owner.man b/extensions/libip6t_owner.man
new file mode 100644
index 0000000..99680a6
--- /dev/null
+++ b/extensions/libip6t_owner.man
@@ -0,0 +1,23 @@
+This module attempts to match various characteristics of the packet
+creator, for locally-generated packets.  It is only valid in the
+.B OUTPUT
+chain, and even this some packets (such as ICMP ping responses) may
+have no owner, and hence never match.  This is regarded as experimental.
+.TP
+.BI "--uid-owner " "userid"
+Matches if the packet was created by a process with the given
+effective user id.
+.TP
+.BI "--gid-owner " "groupid"
+Matches if the packet was created by a process with the given
+effective group id.
+.TP
+.BI "--pid-owner " "processid"
+Matches if the packet was created by a process with the given
+process id.
+.TP
+.BI "--sid-owner " "sessionid"
+Matches if the packet was created by a process in the given session
+group.
+.TP
+.B NOTE: pid, sid and command matching are broken on SMP