[In the news] Using SELinux and iptables Together

Rahul Sundaram metherid at gmail.com
Thu Mar 17 09:39:09 UTC 2011


Article by Red Hat SELinux engineer, Dan Walsh


"One of the things I have wanted to do with SELinux for years is figure
out a way to make SELinux and iptables work together, but each time I
looked at it, my use cases became too complicated. James Morris and Paul
Moore worked on a tool called Secmark way back in the Red Hat Enterprise
Linux (RHEL) 5 time frame. My simple implementation of Secmark is to use
iptables rules to define labels on packets as they flow within an
SELinux system."


More information about the marketing mailing list