On Thursday 2012-04-19 19:58, Jeff Haran wrote: > >I'm not an expert in this interface, but what I've observed is when user space >reads a packet off of a socket to an NFQUEUE, a subsequent read on that socket >will block if the first packet is not returned via nfq_set_verdict(), even if >further packets have been queued from the kernel. So simply set the verdict to NF_DROP for every input frame and send out combined frames that are not linked to any prior packet. So far the theory. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
