Red Hat Bugzilla – Bug 613806
IPTables section should mention -j SECMARK
Last modified: 2013-02-05 18:56:34 EST
Description of problem:
The iptables section didn't have anything in there.
I do think it would be nice to mention that iptables can make use of the '-j SECMARK' feature which allows SELinux contexts to be applied to packets. This is not in RHEL5 but looking for the RFE to be completed.
I did not see it in the RHEL6 SELinux documentation either.
RFE for RHEL5.4 https://bugzilla.redhat.com/show_bug.cgi?id=535074
Daniel Walsh<email@example.com> should be able to help here or Eric Paris
<firstname.lastname@example.org> for information on how to better use this and explain it. They have been great to work with on SELinux related topics.
Version-Release number of selected component (if applicable):
added details on secmark and example usage to migration guide. changes will appear on next publish.