How to obtain process ID that created connection or owns one
packet
Pablo Neira Ayuso
pablo at eurodev.net
Tue Dec 27 20:28:06 CET 2005
Marcus Sundberg wrote:
> Pablo Neira Ayuso wrote:
>
>> Mikado wrote:
>>
>>> Thanks all! Finally I found the answer in 'struct sk_buff':
>>>
>>> struct sk_buff ( #include <linux/skbuff.h> )
>>> |_struct sock ( #include <net/sock.h> )
>>> |_struct socket ( #include <linux/net.h> )
>>> |_struct file ( #include <linux/fs.h> )
>>> |_struct fown_struct ( #include <linux/fs.h> )
>>> |_int pid
>>
>>
>>
>> Yes, but AFAIK you can only use that in the OUTPUT hook, not in the
>> INPUT path.
>
> ...and if using SMP you can't use it at all in netfilter context.
And there's still some work in progress about this:
http://lwn.net/Articles/157137/
--
Pablo
More information about the netfilter-devel
mailing list