In 4.20 we landed some of the infrastructure to support this. Specifically secmark support was landed which provides the infrastructure needed for apparmor labels to interact with iptables and iptables to interact with apparmor.
This isn't something generally available for use yet as it infrastructure work necessary for full fine grained network mediation
In 4.20 we landed some of the infrastructure to support this. Specifically secmark support was landed which provides the infrastructure needed for apparmor labels to interact with iptables and iptables to interact with apparmor.
This isn't something generally available for use yet as it infrastructure work necessary for full fine grained network mediation