How can I get these packets in the user space application? Performance Issues?

Steven J Scott sjscott at ra.rockwell.com
Thu Dec 9 16:38:52 CET 2004 

I have a side question on this.  I have a kernel module that creates a 
netfilter hook that looks for packets with a certain source port, and then 
directs them to NF_QUEUE, and I have a user space application that receives the queued packets. 
Since I am only queuing packets I want to monitor/modify is my performance 
hit significant?  Or am I better off doing everything within the kernel 
module?

Thanks,

Steven Scott - CISSP, CISA, RHCT, LCP, MCSE
Rockwell Automation / Advanced Technology
sjscott at ra.rockwell.com
<---------------------------------------------------->
(This email was sent via Notes running on Linux)




"Maarten Wijnants" <maarten.wijnants at pandora.be>
Sent by: netfilter-devel-bounces at lists.netfilter.org
09/12/2004 07:24 AM

 
        To:     "Srinivas G." <srinivasg at esntechnologies.co.in>, "Henrik Nordstrom" 
<hno at marasystems.com>
        cc:     kung at uiuc.edu, netfilter-devel at lists.netfilter.org, "Mukund JB." 
<mukundjb at esntechnologies.co.in>, Diego Woitasen <diegows at linux.org.ar>
        Subject:        Re: How can I get these packets in the user space application?


Hello Srinivas G,

> My doubt is: How the user application can get the packet from the 'hook'
> function? What APIs are used in the user space application to access the
> packet from the hook function?

I am trying to understand your current situation. So you have a kernel 
module that is subscribed to a certain netfilter hook and as a result 
starts 
receiving packets; and now you want to pass these packets from your kernel 

module to a userspace application? Is this correct?

If this is your current situation, you should issue a NF_QUEUE verdict for 

arriving packets in your kernel module to queue the packets to userspace. 
Subsequently, you will need to create a userspace application to receive 
the 
queued packets and run it. You can use libipq to write a userspace 
application that will accept queued packets. See the man page of libipq 
for 
more information on how to do this (the man page contains a fully working 
example).

I hope this helps you. Regards,
Maarten

More information about the netfilter-devel mailing list