bugzilla-daemon at netfilter.org
2013-May-31 13:54 UTC
[Bug 775] -m owner ! --uid-owner False positive logging
https://bugzilla.netfilter.org/show_bug.cgi?id=775
Phil Oester <netfilter at linuxace.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |netfilter at linuxace.com
--- Comment #1 from Phil Oester <netfilter at linuxace.com> 2013-05-31
15:54:11 CEST ---
If the socket is in TCP_TIME_WAIT, then the uid will not be logged as it cannot
be determined:
if (!sk || sk->sk_state == TCP_TIME_WAIT)
return;
So you would need to figure out what state this socket is in when these
"false
positives" are logged. I would suggest that given this limitation, you
either
live with the extra logging, or be more selective in what you log (e.g. by
using the ctstate match first?)
--
Configure bugmail: https://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.
Possibly Parallel Threads
- [Bug 775] -m owner ! --uid-owner False positive logging
- [Bug 696] Extra tcp options for REJECT --reject-with tcp-reset-both / tcp-reset-destination
- [Bug 678] add PID and UID to netfilter-queue
- [Bug 600] ULOG target does not support --log-uid
- [Bug 600] ULOG target does not support --log-uid
Wisdom of the Ancients
