Hello Everyone,
I have been working for a while on two projects (libnetfilter_queue and
libnetfilter_conntrack) to decide the destiny of packets that
arrive in our project. It is great to get control of all packets.
But I am a little confused.
In my solution I just want to forward all packets that are in the same
conditions (for example: all packets received from a specific
IP:PORT address) to another destination. I could simply add a new
rule to the libnetfilter_conntrack list (like the samples that exist
in the libnetfilter_conntrack/utility project).
But actually I want to use NFQUEUE to get all packets in my user-space
and then add a new rule to the libnetfilter_conntrack list. In other words,
the verdict in my solution is not to ACCEPT or DROP the packet; it
should add a new rule to the libnetfilter_conntrack list if it does not exist.
Is it possible?
I am thinking about this, but I am not sure whether it is correct or not.
For example:
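    #include <stdint.h>
    #include <stdio.h>
    #include <libnetfilter_queue/libnetfilter_queue.h>
    #include <libnetfilter_conntrack/libnetfilter_conntrack.h>

    static int cb(struct nfq_q_handle *qh, struct nfgenmsg *nfmsg,
                  struct nfq_data *nfa, void *data)
    {
            struct nf_conntrack *ct;        /* conntrack object for the new entry */
            uint32_t id = print_pkt(nfa);   /* packet id of the queued packet */

            printf("entering callback\n");
            /* exists_in_list() stands for the "not exist in list" check */
            if (!exists_in_list(nfa)) {
                    ct = nfct_new();
                    if (ct == NULL) {
                            perror("nfct_new");
                            return 0;
                    }
                    Add_to_list();          /* placeholder: add the new entry */
            }
            return 0;
    }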
--
--Mojtaba Esfandiari.S
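
The "not exist in list" step from the callback above, as an added example that is not part of the original post: it keys each packet on its source IP:PORT and reports whether that source is new. It assumes the buffer is a raw IPv4 packet starting at the IP header; flow_key, parse_key, note_flow and the sample packet are names and data made up for this sketch, and the netfilter calls themselves are left out.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

#define MAX_FLOWS 256

/* Source endpoint of a packet: the IP:PORT condition the post matches on. */
struct flow_key { uint32_t saddr; uint16_t sport; uint8_t proto; };
static struct flow_key seen[MAX_FLOWS];
static size_t seen_count;

/* Constructed sample: UDP from 192.0.2.10:5060 to 198.51.100.1:53. */
static const uint8_t sample_pkt[] = {
    0x45, 0x00, 0x00, 0x1c, 0x00, 0x00, 0x00, 0x00, 0x40, 0x11, 0x00, 0x00,
    0xc0, 0x00, 0x02, 0x0a, 0xc6, 0x33, 0x64, 0x01,
    0x13, 0xc4, 0x00, 0x35, 0x00, 0x08, 0x00, 0x00
};

/* Extract the key from an IPv4 TCP/UDP packet; -1 if it cannot be trusted. */
static int parse_key(const uint8_t *p, size_t len, struct flow_key *k)
{
    if (len < 20 || (p[0] >> 4) != 4) return -1;        /* not IPv4 */
    size_t ihl = (size_t)(p[0] & 0x0f) * 4;
    if (ihl < 20 || len < ihl + 4) return -1;           /* truncated */
    if (p[9] != 6 && p[9] != 17) return -1;             /* no ports */
    if ((((p[6] & 0x1f) << 8) | p[7]) != 0) return -1;  /* later fragment */
    k->proto = p[9];
    k->saddr = (uint32_t)p[12] << 24 | (uint32_t)p[13] << 16 |
               (uint32_t)p[14] << 8 | p[15];
    k->sport = (uint16_t)(p[ihl] << 8 | p[ihl + 1]);
    return 0;
}

/* 1: new source recorded, 0: already known, -1: unparsable or table full. */
static int note_flow(const uint8_t *pkt, size_t len)
{
    struct flow_key k;
    if (parse_key(pkt, len, &k) < 0) return -1;
    for (size_t i = 0; i < seen_count; i++)
        if (seen[i].saddr == k.saddr && seen[i].sport == k.sport &&
            seen[i].proto == k.proto)
            return 0;
    if (seen_count == MAX_FLOWS) return -1;
    seen[seen_count++] = k;
    return 1;   /* the point where the post's nfct_new() step would run */
}

int main(void)
{
    int first = note_flow(sample_pkt, sizeof sample_pkt);
    int second = note_flow(sample_pkt, sizeof sample_pkt);
    printf("first=%d second=%d\n", first, second);
    return 0;
}
```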