On Wed, Oct 30, 2019 at 10:15:21AM +0100, Pablo Neira Ayuso wrote: > On Wed, Oct 30, 2019 at 08:07:07PM +1100, Duncan Roe wrote: > > Hi Pablo, > > > > When setting verdicts, does sending amended packet contents imply to accept the > > packet? In my app I have assumed not and that seems to work fine, but I'd like > > to be sure for the doco. > > If you set the verdict to NF_ACCEPT and the packet that you send back > to the kernel is mangled, then the kernel takes your mangled packet > contents. > > Thanks. Thanks Pablo I knew that, but what happens if you send back mangled contents and no NF_ACCEPT or NF_DROP? Does the kernel keep waiting until you send one of these? Cheers ... Duncan.
