Re: [PATCH] netfilter: Record uid and gid in xt_AUDIT

From: Richard Weinberger
Date: Thu Oct 10 2024 - 16:40:40 EST

Next message: Jakub Kicinski: "Re: [PATCHv5 net-next 0/7] ibm: emac: more cleanups"
Previous message: Mayank Rana: "Re: [PATCH v5] PCI: Enable runtime pm of the host bridge"
In reply to: Paul Moore: "Re: [PATCH] netfilter: Record uid and gid in xt_AUDIT"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Am Donnerstag, 10. Oktober 2024, 21:09:31 CEST schrieb Paul Moore:
> However, as part of that commit we also dropped a number of fields
> because it wasn't clear that anyone cared about them and if we were
> going to (re)normalize the NETFILTER_PKT record we figured it would be
> best to start small and re-add fields as needed to satisfy user
> requirements. I'm working under the assumption that if you've taken
> the time to draft a patch and test it, you have a legitimate need :)

I'm currently exploring ways to log reliable what users/containers
create what network connections.
So, netfilter+conntrack+xt_AUDIT seemed legit to me.

Thanks,
//richard

--
sigma star gmbh | Eduard-Bodem-Gasse 6, 6020 Innsbruck, AUT
UID/VAT Nr: ATU 66964118 | FN: 374287y

Next message: Jakub Kicinski: "Re: [PATCHv5 net-next 0/7] ibm: emac: more cleanups"
Previous message: Mayank Rana: "Re: [PATCH v5] PCI: Enable runtime pm of the host bridge"
In reply to: Paul Moore: "Re: [PATCH] netfilter: Record uid and gid in xt_AUDIT"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]