On 11.11.2010 11:05, Kfir Lavi wrote: > Hi, > It seems to me that its not possible to do a verdict in userspace of > ethernet packets, like it is done with nfqueue and iptables. > Why it is not implemented? Nobody ever implemented it. IIRC the main problem is that under certain circumstances the packets need to be passed back to __netif_receive_skb() when queuing in LOCAL_IN, which isn't possible from the completion handler. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
