[Bug 847] Owner matching fails on listening socket
bugzilla-daemon at netfilter.org
Tue Aug 27 01:32:17 CEST 2013
https://bugzilla.netfilter.org/show_bug.cgi?id=847
Phil Oester <netfilter at linuxace.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |netfilter at linuxace.com
--- Comment #1 from Phil Oester <netfilter at linuxace.com> 2013-08-27 01:32:15 CEST ---
First, please use ports that don't differ by only one digit in your examples.
Note how I used 7777 vs 8888 below, which makes spotting the difference much
easier.
Anyhow - seems to work fine for me in 3.10+:
# uname -r
3.10.0+
# iptables -V
iptables v1.4.18
# iptables -A OUTPUT -p tcp --sport 8888 -m owner --uid-owner 1000 -j REJECT
[phil@linuxace ~]$ id
uid=1000(phil) gid=1000(phil) groups=1000(phil)
[phil@linuxace ~]$ echo hi | nc -p 8888 bathroom.mit.edu 79
Ncat: Connection refused.
[phil@linuxace ~]$ echo hi | nc -p 7777 bathroom.mit.edu 79
Random Hall Bathroom Server v2.1
...
More information about the netfilter-buglog
mailing list