* command owner match support
@ 2006-01-05 6:56 Ryan L
2006-01-06 13:31 ` Nick Drage
0 siblings, 1 reply; 3+ messages in thread
From: Ryan L @ 2006-01-05 6:56 UTC (permalink / raw)
To: netfilter
I'm trying to block specific applications through iptables. However I
keep getting the following error message: Jan 4 22:44:05 thor
ipt_owner: pid, sid and command matching not supported anymore
Is there any way to add this back into the newer kernels or to do this
without it?
* Re: command owner match support
From: Nick Drage @ 2006-01-06 13:31 UTC (permalink / raw)
To: netfilter
On Thu, Jan 05, 2006 at 12:56:38 -0600, Ryan L wrote:
> I'm trying to block specific applications through iptables. However I
> keep getting the following error message: Jan 4 22:44:05 thor
> ipt_owner: pid, sid and command matching not supported anymore Is
> there any way to add this back into the newer kernels or to do this
> without it?
I'm not seeing that message when I try and use --cmd-owner or
--pid-owner, I just get "iptables: Invalid argument". However the
commands are listed in the output of "iptables --owner --help" for
IPTables 1.3.3.
I can only presume that that functionality has silently "gone away". I
can't see anything on mailing lists or in the netfilter documentation,
are there any references for when this was removed, or why, or what it
should be replaced with, if anything?
--
When the going gets tough, the tough call for close air support.
* Re: command owner match support
From: Ryan L @ 2006-01-07 16:58 UTC (permalink / raw)
To: netfilter
Nick Drage wrote:
>On Fri, Jan 06, 2006 at 08:02:50 -0600, drseus88@gmail.com wrote:
>>Nick Drage wrote:
>>>On Thu, Jan 05, 2006 at 12:56:38 -0600, Ryan L wrote:
>
>Hi,
>
>>I have found nothing about why it was removed or it should be replaced
>>with either. That is the main thing I'm trying to find out. The
>>message you get is the same as what I get when running the command in
>>console. But if you check /var/log/messages right afterward, it will
>>show the message I posted. Sorry. I should have clarified that a bit
>>more. Also, I'm using iptables 1.3.4 with a 2.6.14 kernel.
>
>It's very weird that it's just vanished. Please post me this reply but
>to the mailing list just so everyone can see it, and then I'll send off
>an email to the developers, see if we can get a response.
>
>Thanks.
Oh, did you mean like this?
Ok this is how it went in order:
> 1) Run: iptables -I OUTPUT -m owner --cmd-owner firefox -j LOG
> 2) It gives me this message: "iptables: Invalid argument"
> 3) Check /var/log/messages
> 4) It shows the following message: "Jan 4 22:44:05 thor ipt_owner:
> pid, sid and command matching not supported anymore"
> 5) I say "WTF!?"