hi, commit 4a19ec5800fc3bb64e2d87c4d9fdd9e636086fe0 in Jan 2008 added the new SO_MARK socket option. http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=4a19ec5800fc3bb64e2d87c4d9fdd9e636086fe0 A possible text for this option could maybe be (from the above commit message) SO_MARK Set the mark for each packets this socket sends (similar to the netfilter MARK target but socket based). Changing the mark can be used for mark based routing without netfilter or for packet filtering. Setting this option is only allowed for processes with the CAP_NET_ADMIN capability. -- I'm not sure if the sentence about CAP_NET_ADMIN is right for the manpage. Similar options seem to mention effective uid=0 also. The code only checks for the CAP_NET_ADMIN, but some other layer might set that when gaining uid 0.
Martin, I applied a modified version of your patch for 3.42. Thanks, Michael --- a/man7/socket.7 +++ b/man7/socket.7 @@ -19,11 +19,10 @@ .\" The following are not yet documented: .\" SO_PEERNAME .\" SO_TIMESTAMPNS -.\" SO_MARK (see https://bugzilla.kernel.org/show_bug.cgi?id=16461) .\" SO_TIMESTAMPING (2.6.30) .\" SO_RXQ_OVFL (2.6.33) .\" -.TH SOCKET 7 2012-04-23 Linux "Linux Programmer's Manual" +.TH SOCKET 7 2012-07-07 Linux "Linux Programmer's Manual" .SH NAME socket \- Linux socket interface .SH SYNOPSIS @@ -320,6 +319,17 @@ When the socket is closed as part of .BR exit (2), it always lingers in the background. .TP +.BR SO_MARK " (since Linux 2.6.25)" +.\" commit 4a19ec5800fc3bb64e2d87c4d9fdd9e636086fe0 +.\" and 914a9ab386a288d0f22252fc268ecbc048cdcbd5 +Set the mark for each packet sent through this socket +(similar to the netfilter MARK target but socket-based). +Changing the mark can be used for mark-based +routing without netfilter or for packet filtering. +Setting this option requires the +.B CAP_NET_ADMIN +capability. +.TP .B SO_OOBINLINE If this option is enabled, out-of-band data is directly placed into the receive data stream.