Eric Leblond wrote:
Hi,
Le vendredi 12 octobre 2007 à 21:30 +0300, Jorch a écrit :
Hi,
Can somebody please give me an example how to mark & match packets
with vwmark and iptables in user queue.
I have patched the kernel (2.6.18) and iptables (1.3.8) to support
vwmark. Both progs compiles and installs ok and queue works normaly with
ipq_set_verdict but not with ipq_set_vwmark.
Got vwmark workin after i noticed i had bad test scenario to test the prog.
System works with marking and verdicts but when i try to inject modified packet
back to queue, queue seems to drop packet every time(any ideas??)
Please switch your program to work with libnetfilter_queue. It has
default support for packet marking.
If i would find some kind of installation/usage manual from somewhere it would
be great!! I have tried to get libnetfilter_queue work for several hours now
and no success. libnfnetlink 0.0.16 and libnetfilter_queue 0.0.13 compiles ok
against kernel and installs ok.
The test program (nfqnl_test) wich comes in libnetfilter_queue packet, can
open library handle but unbinding or binding causes
"NFNETLINK answers: Invalid argument" message.
BTW: I got many hits to netfilter.org/pipermail/... When i was trying to get
more information of the libnetfilter_queue, i noticed that there are man page
for libnetfilter_queue in address
http://lists.netfilter.org/pipermail/netfilter-devel/2006-February/023488.html
but for me: Forbidden, You don't have permission...
A code example can be found at :
http://software.inl.fr/trac/trac.cgi/browser/mirror/edenwall/nufw/trunk/nufw/src/nufw/authsrv.c
BR,
Regs.
-jori
-
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
