Hello,
Le mardi 19 janvier 2010 à 21:25 +0200, Mistick Levi a écrit :
> Hi,
> I've worked with libipq, and libnetfilter_queue, and i got to a place
> where my userspace code can't get anymore packets( with the message:
> netlink message: no buffer space available ) .
>
> Now what i want to do is this:
> Read a packet from the queue, copy it to my own queue/location in my
> program, and re injecting the packet later on with my verdict, after i
> finished.
This is how it works ;)
In fact, the 'no buffer space available' message is due to your program
not getting packets as fast as needed: The kernel is sending packet to a
netlink socket and the internal buffer of the socket gets filled with
the packets waiting to be read.
What you need to do is:
* read packet as fast as you can (your callback function has to be
fast)
* do the intensive or delay needing work outside of the callback
(via a thread or something)
It last option is not possible, you can increase the netlink buffer size
via the nfnl_rcvbufsiz function. "Standard" syntax is the following:
nfnl_rcvbufsiz(nfq_nfnlh(my_nfq_handle), NFQ_NF_BUFSIZE);
BR,
>
> but to my best of my understanding, until i send a verdict the packet
> still takes place in the queue.
> and i've read something about using NF_STOLEN and then reinject, but i
> dont think that NF_STOLEN is a valid verdict.
>
> Any ideas on how i can do what it is i wish to do? ( Clear the kernel
> queue by transferring the packets to my queue ).
>
> Kind regards
> Levi Yechiel
> --
> To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
> the body of a message to majordomo@xxxxxxxxxxxxxxx
> More majordomo info at http://vger.kernel.org/majordomo-info.html
--
Eric Leblond <eric@xxxxxx>
INL: http://www.inl.fr/
NuFW: http://www.nufw.org/
Attachment:
signature.asc
Description: Ceci est une partie de message =?ISO-8859-1?Q?num=E9riquement?= =?ISO-8859-1?Q?_sign=E9e?=
