How can I get these packets in the user space application?
Performance Issues?
Henrik Nordstrom
hno at marasystems.com
Thu Dec 9 18:02:15 CET 2004
On Thu, 9 Dec 2004, Steven J Scott wrote:
> I have a side question on this. I have a kernel module that creates a
> netfilter hook that looks for packets with a certain source port, and then
> directs them to NF_QUEUE, and I have a user space application that receives the queued packets.
> Since I am only queuing packets I want to monitor/modify is my performance
> hit significant? Or am I better off doing everything within the kernel
> module?
Only the packets you return NF_QUEUE on receives a noticeable performance
penalty.
But if all you do is to look into the source port then why not use plain
iptables for the match?
Regards
Henrik
More information about the netfilter-devel
mailing list