Re: How to Achieve Functionality Equivalent to iptables -m owner --socket-exist in nft?


 



Sunny73Cr <Sunny73Cr@xxxxxxxxxxxxxx> wrote on Wed, Apr 16, 2025 at 04:24:
>
> > iptables -m owner --socket-exist
>
> You may be looking for 'meta skuid'; you'll need the user ID that 'owns' a 'service'. You can `cat /etc/passwd` to find this information. 'meta skuid' will match a packet that is destined to or sourced from a socket that is owned by the user id that you specify.

What if I want something like `iptables -A OUTPUT -m owner
--socket-exists -j LOG --log-prefix OWN_SOCKETS`?
I just want to check whether there is a local socket associated with the packet or not.

>
> Try `su -l [username] -c "[executable path]"` to run a program as another user; if it does not do so already.
>
> Regards,
> sunny
>
>




