Blame extensions/libxt_CONNSECMARK.man
|
Packit Service |
d1fe03 |
This module copies security markings from packets to connections
|
|
Packit Service |
d1fe03 |
(if unlabeled), and from connections back to packets (also only
|
|
Packit Service |
d1fe03 |
if unlabeled). Typically used in conjunction with SECMARK, it is
|
|
Packit Service |
d1fe03 |
valid in the
|
|
Packit Service |
d1fe03 |
.B security
|
|
Packit Service |
d1fe03 |
table (for backwards compatibility with older kernels, it is also
|
|
Packit Service |
d1fe03 |
valid in the
|
|
Packit Service |
d1fe03 |
.B mangle
|
|
Packit Service |
d1fe03 |
table).
|
|
Packit Service |
d1fe03 |
.TP
|
|
Packit Service |
d1fe03 |
\fB\-\-save\fP
|
|
Packit Service |
d1fe03 |
If the packet has a security marking, copy it to the connection
|
|
Packit Service |
d1fe03 |
if the connection is not marked.
|
|
Packit Service |
d1fe03 |
.TP
|
|
Packit Service |
d1fe03 |
\fB\-\-restore\fP
|
|
Packit Service |
d1fe03 |
If the packet does not have a security marking, and the connection
|
|
Packit Service |
d1fe03 |
does, copy the security marking from the connection to the packet.
|
|
Packit Service |
d1fe03 |
|