Hi Pablo, This is as you requested, except as below and the sample prints the message > "This kernel version does not allow to retrieve security context.\n" (i.e. same as what utils/nfqnl_test.c does) instead of exit(EXIT_FAILURE) as you suggested. Looking at an 80cc man page, I think NLM_F_xxx looks better than NLM_F_*. Also the code sample wrapped on the nfq_nlmsg_put2() line, so split it. The code sample mixed nlrxbuf and nltxbuf. Now all just buf. On Fri, Nov 24, 2023 at 09:38:55AM +0100, Pablo Neira Ayuso wrote: > On Mon, Nov 20, 2023 at 12:08:49PM +1100, Duncan Roe wrote: [...] > > + > > +/** > > + * nfq_nlmsg_put2 - Set up a netlink header with user-specified flags > > + * in a memory buffer > > + * \param *buf Pointer to memory buffer > > + * \param type Either NFQNL_MSG_CONFIG or NFQNL_MSG_VERDICT > > > This can be any value in enum nfqnl_msg_types. I think not. NFQNL_MSG_PACKET is from kernel to userspace. Have added NFQNL_MSG_VERDICT_BATCH to complete the list of allowed values. Cheers ... Duncan. Duncan Roe (1): src: Add nfq_nlmsg_put2() - user specifies header flags .../libnetfilter_queue/libnetfilter_queue.h | 1 + src/nlmsg.c | 57 ++++++++++++++++++- 2 files changed, 57 insertions(+), 1 deletion(-) -- 2.35.8
