Hello. Samir Bellabes wrote: > at security_socket_accept(), the user only accept the fact that the > application is able to go to sock->ops->accept(). That's the purpose of > this hook. Yes. This hook can't perform filtering. > After, when packet are coming, we can catch them with > libnetfilter_queue, and deal with filtering packets. Is this performed inside sock->ops->accept()? > here we agree. *but* in my module, the user don't judge before > sock->ops->accept(). He judges when packets are coming, throught the > libnetfilter_queue API, in userspace, and reinject packet if it's ok. I didn't understand what is happening. Is there a hook which can perform filtering inside sock->ops->accept()? Regards. - To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html