Question about libnetfilter_queue

Lionel Flahaut lionelflahaut at
Mon Jul 2 12:10:52 CEST 2007


I'm working on a content filtering application for HTTP in user space
using libnetfilter_queue.

I have to handle TCP packets on port 80 and check their content until a
complete HTTP response has been received before sending the original
or modified packets.

I need to send modified packets when the content is not appropriate
for children and needs to be changed to the block page.

Until now, I have successfully intercepted the first packet of the HTTP
response, mangled it to the block and set an NF_ACCEPT verdict on the
modified packet.

Now, I want to get all the packets of an HTTP response, not only the
first, before mangling it.

I am thinking about the NF_STOLEN verdict to keep the packets in userspace
and set a verdict later, but I didn't find a way to reinject stolen
packets into netfilter.

Is using the NF_STOLEN verdict the right way to do what I need?

If so, how do I reinject the packet?

Thank you for your answer.


More information about the netfilter-devel mailing list