diff -Nurpa orig/linux-2.4.33.3/include/linux/netfilter_ipv4/ipt_LOG.h loguid/linux-2.4.33.3/include/linux/netfilter_ipv4/ipt_LOG.h
--- orig/linux-2.4.33.3/include/linux/netfilter_ipv4/ipt_LOG.h 2006-08-31 19:03:20.000000000 +0200
+++ loguid/linux-2.4.33.3/include/linux/netfilter_ipv4/ipt_LOG.h 2006-10-10 15:31:02.000000000 +0200
@@ -4,7 +4,8 @@
 #define IPT_LOG_TCPSEQ 0x01 /* Log TCP sequence numbers */
 #define IPT_LOG_TCPOPT 0x02 /* Log TCP options */
 #define IPT_LOG_IPOPT 0x04 /* Log IP options */
-#define IPT_LOG_MASK 0x07
+#define IPT_LOG_UID 0x08 /* Log UID owning local socket */
+#define IPT_LOG_MASK 0x0f
 
 struct ipt_log_info {
 unsigned char level;
diff -Nurpa orig/linux-2.4.33.3/include/linux/netfilter_ipv6/ip6t_LOG.h loguid/linux-2.4.33.3/include/linux/netfilter_ipv6/ip6t_LOG.h
--- orig/linux-2.4.33.3/include/linux/netfilter_ipv6/ip6t_LOG.h 2006-08-31 19:03:20.000000000 +0200
+++ loguid/linux-2.4.33.3/include/linux/netfilter_ipv6/ip6t_LOG.h 2006-10-10 15:50:57.000000000 +0200
@@ -4,7 +4,8 @@
 #define IP6T_LOG_TCPSEQ 0x01 /* Log TCP sequence numbers */
 #define IP6T_LOG_TCPOPT 0x02 /* Log TCP options */
 #define IP6T_LOG_IPOPT 0x04 /* Log IP options */
-#define IP6T_LOG_MASK 0x07
+#define IP6T_LOG_UID 0x08 /* Log UID owning local socket */
+#define IP6T_LOG_MASK 0x0f
 
 struct ip6t_log_info {
 unsigned char level;
diff -Nurpa orig/linux-2.4.33.3/net/ipv4/netfilter/ipt_LOG.c loguid/linux-2.4.33.3/net/ipv4/netfilter/ipt_LOG.c
--- orig/linux-2.4.33.3/net/ipv4/netfilter/ipt_LOG.c 2006-08-31 19:03:20.000000000 +0200
+++ loguid/linux-2.4.33.3/net/ipv4/netfilter/ipt_LOG.c 2006-10-10 16:15:06.000000000 +0200
@@ -332,6 +332,17 @@ ipt_log_target(struct sk_buff **pskb,
 }
 
 dump_packet(loginfo, iph, (*pskb)->len, 1);
+
+ if (!in && out) {
+ /* UID/GID logging for output chain only */
+ if ((loginfo->logflags & IPT_LOG_UID) && (*pskb)->sk && (*pskb)->sk->socket && (*pskb)->sk->socket->file)
+ {
+ printk("UID=%u GID=%u ",
+ (*pskb)->sk->socket->file->f_uid,
+ (*pskb)->sk->socket->file->f_gid);
+ }
+ }
+
 printk("\n");
 spin_unlock_bh(&log_lock);
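Review bot: The added `if` walks `(*pskb)->sk->socket->file` once for the NULL checks and again for the `printk` arguments, and nothing visible in the hunk keeps that chain stable in between; `log_lock` only serialises the log output. If the socket is closed or orphaned on another CPU between the check and the use, the log path could dereference a NULL `socket` or `file` pointer in softirq context. I would do the check and the print under the socket's callback lock, with `sk` cached in a local, as sketched below; please confirm `callback_lock` is the lock this tree's orphan path takes. The comment should also say that `f_uid`/`f_gid` identify whoever opened the socket file, which need not be the process that sent the packet, and that packets with no attached socket get no UID field at all. The body of `ipt_log_target` begins outside this hunk.

```c
	if (!in && out && (loginfo->logflags & IPT_LOG_UID) && (*pskb)->sk) {
		struct sock *sk = (*pskb)->sk;

		/* UID/GID of the socket file's opener, output path only.
		 * Hold callback_lock so sk->socket cannot be detached
		 * between the NULL checks and the dereference. */
		read_lock_bh(&sk->callback_lock);
		if (sk->socket && sk->socket->file)
			printk("UID=%u GID=%u ",
			       sk->socket->file->f_uid,
			       sk->socket->file->f_gid);
		read_unlock_bh(&sk->callback_lock);
	}
	/* … unchanged: printk("\n") and spin_unlock_bh(&log_lock) … */
```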