iptables -A OUTPUT -j ACCEPT -m owner --pid-owner 1234
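I want to use a script to extract a program's PID and then indirectly control which software can access the network. My default OUTPUT policy is DROP.
The message is: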
iptables v1.4.16.2: unknown option "--pid-owner"
Try `iptables -h' or 'iptables --help' for more information.
Does my iptables need to be patched, or has this pid feature been dropped?
I checked the iptables help; the explanation given for the owner module is (from http://os.51cto.com/art/201108/285707_1.htm):
--cmd-owner name
Matches if the packet was created by a process with the given command name. (this option is present only if iptables was compiled under a kernel supporting this feature)
I have no idea where to start. What do I need to do to use pid in the owner module of iptables?
Any expert advice would be appreciated.
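An added example, not part of the original post: the owner match in iptables 1.4.x accepts --uid-owner and --gid-owner, so one way to get per-program egress control is to run the permitted programs under a dedicated group instead of matching a PID. The group name netallow and the APPLY switch are assumptions of this example.

```shell
#!/bin/sh
# Added example: allow egress per dedicated group rather than per PID.
# NET_GROUP (default "netallow") and APPLY are assumed names, not from the post.
NET_GROUP="${NET_GROUP:-netallow}"

# Accept only conservative group names, since the value ends up in a command.
valid_group() {
    case "$1" in
        ""|*[!A-Za-z0-9_-]*) return 1 ;;
        *) return 0 ;;
    esac
}

# Print the rule set, one iptables command per line, for review before use.
build_rules() {
    group="$1"
    # Keep loopback working for local IPC.
    echo "iptables -A OUTPUT -o lo -j ACCEPT"
    # Kernel-generated packets (ACK, RST) carry no socket owner; let them
    # through for connections that were already accepted.
    echo "iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT"
    # Sockets whose creating process runs with this group ID.
    echo "iptables -A OUTPUT -m owner --gid-owner $group -j ACCEPT"
    # Default policy, as in the post: everything else is dropped.
    echo "iptables -P OUTPUT DROP"
}

valid_group "$NET_GROUP" || { echo "invalid group: $NET_GROUP" >&2; exit 1; }

if [ "${APPLY:-0}" = "1" ]; then
    # Needs root; each printed line is executed as one command.
    build_rules "$NET_GROUP" | while read -r rule; do $rule || exit 1; done
else
    build_rules "$NET_GROUP"   # dry run: show what would be applied
fi
```

Start a permitted program with `sg netallow -c 'program'` so that its effective group is netallow; the invoking user must be a member of that group.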
acsk1234 posted on 2014-06-03 22:55:03:
xuexixuexi