Pal Szasz asked:
I’m learning iptables and I have a hard time understanding when to use the “–socket-exists” option of the “owner” matcher. Could you explain what is the practical benefit of this option (with an example, if possible)?
You would use
--socket-exists to determine that a packet originated locally on the system, where outgoing packets are associated with a socket, instead of a forwarded packet that originated from another system, which has no associated socket.
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.