netfilter_queue reinjecting packets
Patrick McHardy
kaber at trash.net
Sun Mar 12 20:35:40 CET 2006
aton wrote:
>>nfnql_test already reinjects packets by the call to nfq_issue_verdict.
>>It seems you need to read the documentation ..
>>
>
> sorry, but i cannot find any call to nfq_issue_verdict in this file.
> perhaps you mean nfq_set_verdict(qh, id, NF_ACCEPT, 0, NULL); ?
Yes, thats what I meant.
> i thought nfq_set_verdict was used to specify a handling routine for the packets... in the case of nfq_test.c set the handling routine for packets to the print_pkt() function.
> am i wrong?
Yes. nfq_set_verdict is used to tell the kernel to pass the packet
on and possibly exchange it. Both print_pkt and nfq_set_verdict
are called from the packet callback in the example code.
> what documentation? i would _love_ to read some documentation about libnetfilter_queue.
> i have looked through http://netfilter.org/documentation/index.html#documentation-howto but i cannot find anything specific about libnetfilter_queue...
I don't think there is specific libnetfilter_queue documentation yet
(but its very simple and exports only a few functions, look at the
code). But we have ip_queue documentation, which should at least
help you understand it better conceptually.
More information about the netfilter-devel
mailing list