Why do some outgoing IP traffic not contain UID information?

iptables tcp uid

Solution 1:

One of the usual reasons is the terminating FIN ACK sequence. Once a client application calls close() on the TCP socket, an ACK + FIN packet is sent to the server and the client program exits. At this point, there is no process associated with the TCP connection but it is not finished yet.

When applying an owner filter, it is customary to also add a rule to ACCEPT packets with state ESTABLISHED to cover these "residual packets". 

iptables -A OUTPUT -p tcp --dport 443 -m owner --uid-owner foo -j ACCEPT
iptables -A OUTPUT -p tcp --dport 443 -m state --state ESTABLISHED -j ACCEPT

Related

DNS Question: Run own server, use registrar's, or 3rd party company?
Provide a user with service start/stop permissions
UNEXPECTED INCONSITENCY run fsck manually redhat
Iptables bang position
How can I determine what hosting provider hosts a site?
Webserver in docker container is not reachable via the internet
Host a Debian repository on a Windows Web/Ftp server
DRBD / Heartbeat on Virtual Machines
iDRAC 7 Enterprise does not work properly
PowerShell 7.0 / 7.1 and .NET runtimes
Structuring an OU to properly model an Organizational Hierarchy
Is there a way to suppress "x rows affected" in SQLCMD from the command line?