QUEUE vs ULOG

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I am able to capture packets via QUEUE, but not ULOG.

I've have these two rules:

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
ULOG       0    --  anywhere             10.0.0.2            ULOG
copy_range 0 nlgroup 1 queue_threshold 1 
QUEUE      0    --  anywhere             10.0.0.1

And I'm running 

libnetfilter_queue/utils/nfqnl_test

and

libnetfilter_log/utils/nfulnl_test

When I ping 10.0.0.1 I get

pkt received
hw_protocol=0x0000 hook=3 id=4 outdev=3 payload_len=84 
entering callback
pkt received
hw_protocol=0x0000 hook=3 id=5 outdev=3 payload_len=84 

from the nfqnl_tst process.

When I ping 10.0.0.2 I get nothing from the nfulnl_test process.

When I run 'nfulnl_test' I get this output
unbinding existing nf_log handler for AF_INET (if any)
binding nfnetlink_log to AF_INET
binding this socket to group 0
binding this socket to group 100
setting copy_packet mode
registering callback for group 0
going into main loop

The 100, and zeros worry me a little, since the iptables end talks
about groups but limits them to the range 1-32.

What have I failed to understand about ULOG?

Thank you,

-- 
Brian Litzinger


[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux