[Bug 775] -m owner ! --uid-owner False positive logging
bugzilla-daemon at netfilter.org
Fri May 31 15:54:11 CEST 2013
https://bugzilla.netfilter.org/show_bug.cgi?id=775
Phil Oester <netfilter at linuxace.com> changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |netfilter at linuxace.com
--- Comment #1 from Phil Oester <netfilter at linuxace.com> 2013-05-31 15:54:11 CEST ---
If the socket is in TCP_TIME_WAIT, then the uid will not be logged as it cannot
be determined:
    if (!sk || sk->sk_state == TCP_TIME_WAIT)
        return;
So you would need to figure out what state this socket is in when these "false
positives" are logged. I would suggest that given this limitation, you either
live with the extra logging, or be more selective in what you log (e.g. by
using the ctstate match first?)