Could use some advice. I have a user space program and want to process all packets coming into the box (PREROUTING) and going out of the box (POSTROUTING).
POSTROUTING works as advertised, but I cannot get PREROUTING, INPUT or OUTPUT hooks to send the packets to the user program.
I am adding a QUEUE rule to the mangle table. (Seems to behave the same on filter table also.)
No other rules are defined.
Any ideas what might be wrong?
--------------
This is an out of the box Fedora-3 distro
uname -a
Linux localhost.localdomain 2.6.9-1.667 #1 Tue Nov 2 14:41:25 EST 2004 i686 i686 i386 GNU/Linux
--------------
This works, sends packets to userspace program:
# Generated by iptables-save v1.2.11 on Wed Dec 22 12:12:01 2004
*mangle
:PREROUTING ACCEPT [139:11833]
:INPUT ACCEPT [8385:713319]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [8366:708686]
:POSTROUTING ACCEPT [7643:652716]
-A POSTROUTING -j QUEUE <-------------------
COMMIT
# Completed on Wed Dec 22 12:12:01 2004
---------------
This does not work, processes packets normally, ignores rule:
# Generated by iptables-save v1.2.11 on Wed Dec 22 12:09:03 2004
*mangle
:PREROUTING ACCEPT [76:6541]
:INPUT ACCEPT [8206:697972]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [8186:693255]
:POSTROUTING ACCEPT [7476:638066]
-A PREROUTING -j QUEUE <---------------
COMMIT
# Completed on Wed Dec 22 12:09:03 2004