OneOfOne
any idea on how to make -m owner work for the input chain?
from man iptables :
owner
This module attempts to match various characteristics of the packet creator, for locally-generated packets. It is only
valid in the OUTPUT chain, and even this some packets (such as ICMP ping responses) may have no owner, and hence never
match.
--uid-owner userid
Matches if the packet was created by a process with the given effective user id.
--gid-owner groupid
Matches if the packet was created by a process with the given effective group id.
--pid-owner processid
Matches if the packet was created by a process with the given process id.
--sid-owner sessionid
Matches if the packet was created by a process in the given session group.
--cmd-owner name
Matches if the packet was created by a process with the given command name. (this option is present only if
iptables was compiled under a kernel supporting this feature)
like : if (portX == openedBy(progY)) {allow incoming;}
peace
from man iptables :
owner
This module attempts to match various characteristics of the packet creator, for locally-generated packets. It is only
valid in the OUTPUT chain, and even this some packets (such as ICMP ping responses) may have no owner, and hence never
match.
--uid-owner userid
Matches if the packet was created by a process with the given effective user id.
--gid-owner groupid
Matches if the packet was created by a process with the given effective group id.
--pid-owner processid
Matches if the packet was created by a process with the given process id.
--sid-owner sessionid
Matches if the packet was created by a process in the given session group.
--cmd-owner name
Matches if the packet was created by a process with the given command name. (this option is present only if
iptables was compiled under a kernel supporting this feature)
like : if (portX == openedBy(progY)) {allow incoming;}
peace