From: [EMAIL PROTECTED] Date: Thu, 08 Jun 2006 22:20:58 -0700 > Add a new xtables target, CONNSECMARK, which is used to specify rules for > copying security marks from packets to connections, and for copyying security > marks back from connections to packets. This is similar to the CONNMARK > target, but is more limited in scope in that it only allows copying of > security marks to and from packets, as this is all it needs to do. > > A typical scenario would be to apply a security mark to a 'new' packet with > SECMARK, then copy that to its conntrack via CONNMARK, and then restore the > security mark from the connection to established and related packets on that > connection. > > Signed-off-by: James Morris <[EMAIL PROTECTED]> > Signed-off-by: Andrew Morton <[EMAIL PROTECTED]>
Applied to net-2.6.18, thanks. - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
