On Thu, Nov 11, 2010 at 12:48 PM, Patrick McHardy <kaber@xxxxxxxxx> wrote: > > On 11.11.2010 11:05, Kfir Lavi wrote: > > Hi, > > It seems to me that its not possible to do a verdict in userspace of > > ethernet packets, like it is done with nfqueue and iptables. > > Why it is not implemented? > > Nobody ever implemented it. IIRC the main problem is that under > certain circumstances the packets need to be passed back to > __netif_receive_skb() when queuing in LOCAL_IN, which isn't > possible from the completion handler. Thanks Patrick for your replay. Can you explain why it's not possible to pass packets back? Also, why should packets need to be sent back? Thanks, Kfir -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
