filtering packets for a specific application
Is there a way to create a firewall rule to filter a packet based on which application generated it? Like ZoneAlarm on windoze ;)?
I thought that using the iptables "owner" module would do the trick, and this is what I get:
$ iptables -A OUTPUT -m owner --cmd-owner someprog -j REJECT
iptables: Invalid argument
$ tail /var/log/messages
Mar 16 21:58:34 localhost kernel: ipt_owner: pid, sid and command matching not supported anymore
So, it has been disabled for some reason I can't understand. Is there a better way to do the same? Can it be re-enabled by recompiling the kernel from source?
I'm using Fedora Core 4 with kernel 2.6.15, but using 2.6.14 gives the same error.