[PATCH] netfilter: Record uid and gid in xt_AUDIT
Richard Weinberger
richard at sigma-star.at
Thu Oct 10 20:40:22 UTC 2024
Am Donnerstag, 10. Oktober 2024, 21:09:31 CEST schrieb Paul Moore:
> However, as part of that commit we also dropped a number of fields
> because it wasn't clear that anyone cared about them and if we were
> going to (re)normalize the NETFILTER_PKT record we figured it would be
> best to start small and re-add fields as needed to satisfy user
> requirements. I'm working under the assumption that if you've taken
> the time to draft a patch and test it, you have a legitimate need :)
I'm currently exploring ways to log reliable what users/containers
create what network connections.
So, netfilter+conntrack+xt_AUDIT seemed legit to me.
Thanks,
//richard
--
sigma star gmbh | Eduard-Bodem-Gasse 6, 6020 Innsbruck, AUT
UID/VAT Nr: ATU 66964118 | FN: 374287y
More information about the Linux-security-module-archive
mailing list