Add support for network policy based on secmark labels (!306) · Merge requests · AppArmor / apparmor

Matthew Garrett requested to merge mjg59/apparmor:network into master Jan 17, 2019

Extend network rules such that they can have a label= argument that matches off secmark rules. If a rule has a label argument then it will be matched by any packets meeting those conditions and having the appropriate secmark label.

Edited Feb 07, 2019 by Matthew Garrett

Add support for network policy based on secmark labels

Merge request reports