Jaroslaw Rafa wrote: > [EMAIL PROTECTED] napisal(a): > >> That's a very "big" question as it covers many OSes. >> >> In Solaris, outgoing packets do carry quite a bit of information >> (process credential and often the process ID) >>
I have to look into this some more...see what appeared with which versions of solaris, etc. > [...] > >> It seems that in many OSes, such decisions would need to be made >> at a higher level, e.g., in the connect() or sendto() system calls. >> > > Actually, I need it on Solaris 9. Can you point me to some ideas? > And I'm still curious if it's possible to use "auth" and/or "preauth" rules > in ipfilter in some way to achieve this? They are undocumented, and I don't > know what can they be used for.. > "auth" rules are used for trapping packets into user space for determining whether or not to "pass", "block", "log", "keep state", etc, with a packet. Darren
