about NFQUEUE and nth match

Frank Abel Cancio Bello FRANKABEL at tesla.cujae.edu.cu
Tue Aug 2 01:18:33 CEST 2005

> On Mon, 2005-08-01 at 16:29 -0400, Frank Abel Cancio Bello wrote:
> > Hi all!
> > 
> > Some time ago I post a mail in this list 
> > 
> > asking about how manage packets  that was captured with "libipq" and 
> > target in different threads or process.
> > 
> > Now with the new "NFQUEUE" target I can have many process reading 
> > in different queues numbers and using "nth match" to spread equitably 
> > all process the captured packects. 
> This look terribly awfull to me ! You better use a single multithreaded
> application.

Due to libipq isn't thread-safe (see one problem in 
and I'm not a netfilter hacker I send the mail 
(https://lists.netfilter.org/pipermail/netfilter/2005-April/059499.html) but 
anybody reply. 
The problem is that I need to know if is safe make a multithreaded 
application with libipq. Now I have the same questions that that some time 

1-Exist other precaution 
that I must take?

2-Can anybody send me a sample code about a multithreaded application with 
libipq? A code different to the found in 

Excuse me my panic but the application that I pretend to develop can't fail. 
Is a traffic manager and the extrange behavior like reported in 
isn't permited.

> > My questions are:
> > 
> > 1-What libipq's functions change and how? I look in the manpage in the 
> > recent 1.3.3 iptables release and don't find anything.
> It will come soon, userspace lib is only available from svn. A compat
> libipq library is planned but there's still work to do on it.
> SVN is available at : 
>    http://svn.netfilter.org/netfilter/trunk/
> Currently the userspace API is work in progress...
> BR,
> -- 
> Eric Leblond <eric at inl.fr>
Thanks eric

More information about the netfilter mailing list