I've never heard of NFLOG or ULOG, is there any documentation under netfilter on how to use it? How would I get the data that I want (to sniff) using NFLOG/ULOG? Dave On Mon, Jul 28, 2008 at 10:43 AM, Eric Leblond <eric@xxxxxx> wrote: > Hello, > > On Monday, 2008 July 28 at 10:21:43 -0400, David Boulding wrote: >> Thanks for the reply. >> I knew of nfq_get_packet_hw(), but I'm looking for a way to get the raw byte >> > > >> > > I'm developing with libnetfilter_queue, using "iptables -A FORWARD ." to >> > > capture packets of interest on a bridge for analysis (firewall). > > As you said "analysis", you may only want to "sniff" packet. In that case, > you can use NFLOG (latest git) or ULOG. > > NFQUEUE moudle uses the dev_parse_header() function which only return the > source hardware address. You will not be able to retrieve the wanted > information without patching the kernel. > > BR, > -- > Eric Leblond > INL: http://www.inl.fr/ > NuFW: http://www.nufw.org/ > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.9 (GNU/Linux) > > iEYEARECAAYFAkiN2x0ACgkQnxA7CdMWjzJSmQCdHBt2ro5Tx7m5GbWhl7uGZz7l > 5H8Anjc9CaBwO/tOVaywfm+WwzeeBayE > =felb > -----END PGP SIGNATURE----- > > -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
