The following patch is an example of a userspace tools (in fact, iptables) that use the new netlink API to monitor tables activity. I will also send a patch against libnfnetlink to update linux includes with this new feature. Maybe another API can be used for this feature: adding a setsockopt() on an iptc socket to enable monitoring. When a table is updated, a packet (built with CMSG_* macro for example) can be sent over all sockets that monitor tables acitivity (like km sockets in IPsec). I know that this socket was used only with [g|s]etsockopt(), but this can avoid adding another netlink API. Comments are welcome. Regards, Nicolas -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html