537831f9 AM |
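diff -upr linux-2.6.25/include/uapi/linux/netfilter/xt_owner.h linux-2.6.25-owner-xid/include/uapi/linux/netfilter/xt_owner.h
--- linux-2.6.25/include/uapi/linux/netfilter/xt_owner.h 2008-04-17 02:49:44.000000000 +0000
+++ linux-2.6.25-owner-xid/include/uapi/linux/netfilter/xt_owner.h 2008-05-20 18:36:38.074950561 +0000
@@ -5,12 +5,16 @@ enum {
 XT_OWNER_UID = 1 << 0,
 XT_OWNER_GID = 1 << 1,
 XT_OWNER_SOCKET = 1 << 2,
+ XT_OWNER_XID = 1 << 3,
+ XT_OWNER_NID = 1 << 4,
 };
 
 struct xt_owner_match_info {
 __u32 uid_min, uid_max;
 __u32 gid_min, gid_max;
 __u8 match, invert;
+ __u32 nid;
+ __u32 xid;
 };
 
 #endif /* _XT_OWNER_MATCH_H */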
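Review bot: Appending `nid` and `xid` to `struct xt_owner_match_info` changes the size and layout of a structure shared with userspace through this uapi header, and nothing in the hunk marks the new layout as a distinct version. x_tables compares the size userspace passes with the size the match registers, so an iptables binary built against the old header would presumably have its owner rules rejected. Registering the extended layout under a new match revision would keep the existing one usable, though the registration lives in xt_owner.c and is not visible here. The new fields also have no comment; something like `/* compared with sk_nid / sk_xid when XT_OWNER_NID / XT_OWNER_XID is set in match */` above them would document the contract.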
2380c486 JR |
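diff -upr linux-2.6.25/net/netfilter/xt_owner.c linux-2.6.25-owner-xid/net/netfilter/xt_owner.c
--- linux-2.6.25/net/netfilter/xt_owner.c 2008-05-20 17:15:02.411418369 +0000
+++ linux-2.6.25-owner-xid/net/netfilter/xt_owner.c 2008-05-20 17:48:15.774419069 +0000
@@ -113,6 +133,16 @@ owner_mt(const struct sk_buff *skb, cons
 !(info->invert & XT_OWNER_GID))
 return false;
 
+ if (info->match & XT_OWNER_NID)
+ if ((skb->sk->sk_nid != info->nid) ^
+ !!(info->invert & XT_OWNER_NID))
+ return 0;
+
+ if (info->match & XT_OWNER_XID)
+ if ((skb->sk->sk_xid != info->xid) ^
+ !!(info->invert & XT_OWNER_XID))
+ return 0;
+
+
 return true;
 }
 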
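Review bot: The two added tests read `skb->sk->sk_nid` and `skb->sk->sk_xid` with no NULL check in the hunk, so they depend on a guard earlier in owner_mt, which starts above the hunk and is not visible here. It is worth confirming that every early return above these lines also takes the XT_OWNER_NID and XT_OWNER_XID bits into account. Any path that returns true before reaching them would accept a packet without the context test, which matters if the rule is meant to isolate contexts. On style, the new branches use `return 0;` while the surrounding code uses `return false;` and `return true;`. The nested unbraced `if` pairs would also read more safely as a single condition, e.g. `if ((info->match & XT_OWNER_NID) && ((skb->sk->sk_nid != info->nid) ^ !!(info->invert & XT_OWNER_NID))) return false;`.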