Hi Pablo, Queue handling [DEPRECATED] in libnetfilter_queue.c documents these 3: > 278 * - NF_ACCEPT the packet passes, continue iterations > 281 * - NF_REPEAT iterate the same cycle once more > 282 * - NF_STOP accept, but don't continue iterations In my tests, NF_REPEAT works as documented - the input hook presents the packet a second time. But, contrary to the above, the packet does not show again after NF_ACCEPT. Is that expected behaviour nowadays? And if so, does that make NF_STOP redundant? BTW if you'd like to try it, my test program nfq6 is a subdirectory at https://github.com/duncan-roe/nfq (nfq itself is an ad blocker). Cheers ... Duncan.
