Bug 613806 - IPTables section should mention -j SECMARK
IPTables section should mention -j SECMARK
Status: CLOSED NEXTRELEASE
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: doc-Migration_Guide (Show other bugs)
6.0
All Linux
low Severity medium
: rc
: ---
Assigned To: Laura Bailey
ecs-bugs
: Documentation
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2010-07-12 16:53 EDT by Robin R. Price II
Modified: 2013-02-05 18:56 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2010-07-25 18:45:37 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Robin R. Price II 2010-07-12 16:53:30 EDT
Description of problem:

The iptables section didn't have anything in there.  
I do think it would be nice to mention that iptables can make use of the '-j SECMARK' feature which allows SELinux contexts to be applied to packets.  This is not in RHEL5 but looking for the RFE to be completed.

I did not see it in the RHEL6 SELinux documentation either.

RFE for RHEL5.4 https://bugzilla.redhat.com/show_bug.cgi?id=535074

Daniel Walsh<dwalsh@redhat.com>  should be able to help here or Eric Paris
<eparis@redhat.com>  for information on how to better use this and explain it.  They have been great to work with on SELinux related topics.


Version-Release number of selected component (if applicable):
RHEL6u0
Comment 2 Scott Radvan 2010-07-25 18:45:37 EDT
added details on secmark and example usage to migration guide. changes will appear on next publish.

Note You need to log in before you can comment on or make changes to this bug.