Guest session network lockdown

Krzysztof Lichota krzysiek at lichota.net
Mon Aug 4 10:44:13 BST 2008


2008/8/1 Martin Pitt <martin.pitt at ubuntu.com>:
> Steve Beattie [2008-07-31 11:44 -0700]:
>> Unfortunately, ipt_owner (aka the 'owner' module) has been disabled
>> since around 2.6.14 because it used/abused the then-existing
>> task list lock. As of 2.6.24, the ipt_owner code looked like this:
>> http://lxr.linux.no/linux+v2.6.24.7/net/ipv4/netfilter/ipt_owner.c and
>> the module appears to have been dropped entirely in the 2.6.25 cycle.
>
> Oh, thanks for pointing out. That pretty much resolves most of the
> questions anyway, then.

Owner matching functionality has been moved into the xt_owner module. See:
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=0265ab44bacc1a1e0e3f5873d8ca2d5a29e33db2

HTH

-- 

	Krzysztof Lichota


