So you can do whatever you want with it.
> > $ sed -n -e '1874,1876p' /usr/src/linux-2.4.0/Documentation/Configure.help
> > CONFIG_IP_NF_QUEUE
> > Netfilter has the ability to queue packets to user space: the
> > netlink device can be used to access them using this driver.
> > $ lynx /usr/share/doc/iptables/html/packet-filtering-HOWTO-7.html
> Yeah, after some quick googling and freshmeating, i came accross a daemon
> that picked up these QUEUEd packets and multiplexed them to various child
> processes, which seemed very innefcient, the documentation said something
> about QUEUE not being multicast in nature, like the old firewall netlink.
This is true. This is called ipqmpd or something similar and written by
Harald Welte, yes?
Your best option is to either check out libipq (can be found in the
directory of the same name in the iptables sources), which provides
clean C interfaces, or the PERL interface, available from
> What was wrong with the firewall netlink? My re-implementation works great
> here. I can't see why anything else would be needed, QUEUE seems twice as
> complex. Unless with QUEUE the userspce applications can make decisions on
> what to do with the packet? In which case, it would be far too inefficient
> for an application like mine, where all i need is to be able to read the
> IP datagrams..
It can modify and then reinject the packet if it so wishes.
> Am I missing something totally obvious?
It just does more stuff. A plane is far more complex than a car, but
with an added feature - it also flies above the ground.
-- Daniel Stone Linux Kernel Developer firstname.lastname@example.org
-----BEGIN GEEK CODE BLOCK----- Version: 3.1 G!>CS d s++:- a---- C++ ULS++++$>B P---- L+++>++++ E+(joe)>+++ W++ N->++ !o K? w++(--) O---- M- V-- PS+++ PE- Y PGP>++ t--- 5-- X- R- tv-(!) b+++ DI+++ D+ G e->++ h!(+) r+(%) y? UF++ ------END GEEK CODE BLOCK------
- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to email@example.com Please read the FAQ at http://www.tux.org/lkml/