Hello, Le mercredi 20 janvier 2010 à 22:13 +0200, Mistick Levi a écrit : > 2010/1/20 Eric Leblond <eric@xxxxxx>: > > Hello, > > > > Le mardi 19 janvier 2010 à 21:25 +0200, Mistick Levi a écrit : > >> Hi, > >> I've worked with libipq, and libnetfilter_queue, and i got to a place > >> where my userspace code can't get anymore packets( with the message: > >> netlink message: no buffer space available ) . > >> > >> Now what i want to do is this: > >> Read a packet from the queue, copy it to my own queue/location in my > >> program, and re injecting the packet later on with my verdict, after i > >> finished. > > > > This is how it works ;) > > > > In fact, the 'no buffer space available' message is due to your program > > not getting packets as fast as needed: The kernel is sending packet to a > > netlink socket and the internal buffer of the socket gets filled with > > the packets waiting to be read. > > > > What you need to do is: > > * read packet as fast as you can (your callback function has to be > > fast) > > * do the intensive or delay needing work outside of the callback > > (via a thread or something) > > What do you mean by doing the delay needing work outside of the > callback? in the end of the callback i should give a verdict, no ? No, this is not necessary. The verdict can be called from anywhere else in your program. BR, -- Eric Leblond <eric@xxxxxx> INL: http://www.inl.fr/ NuFW: http://www.nufw.org/
Attachment:
signature.asc
Description: Ceci est une partie de message =?ISO-8859-1?Q?num=E9riquement?= =?ISO-8859-1?Q?_sign=E9e?=
