On 03/Nov/10 19:35, Pablo Neira Ayuso wrote:
On 02/11/10 16:46, Rajkumar S wrote:
I am using utils/nfqnl_test.c as my test program
Please, see:
http://git.netfilter.org/cgi-bin/gitweb.cgi?p=libnetfilter_queue.git;a=commitdiff;h=37791b0eb98c00098a6410f6dedfdce92fc88f3e;hp=c4692e02d4fc804f7aa31f407d7d2f31861753bc
Thanks for the improved docs!
For older kernels, would it also help setting something like
-A INPUT -m limit --limit 10/second -j NFQUEUE --queue-num 0?
Would you please also amend nfqnl_test.c? From this thread I grasp
that packets that overflowed the queue are still received/
transmitted, but am unable to do better than the attached (untested)
patch.
--- nfqnl_test.original.c 2009-02-17 20:27:28.000000000 +0100
+++ nfqnl_test.c 2010-11-05 11:24:26.000000000 +0100
@@ -8,6 +8,8 @@
#include <libnetfilter_queue/libnetfilter_queue.h>
+#include <errno.h>
+
/* returns packet id */
static u_int32_t print_pkt (struct nfq_data *tb)
{
@@ -115,9 +117,21 @@
fd = nfq_fd(h);
- while ((rv = recv(fd, buf, sizeof(buf), 0)) && rv >= 0) {
- printf("pkt received\n");
- nfq_handle_packet(h, buf, rv);
+ for (;;) {
+ if ((rv = recv(fd, buf, sizeof(buf), 0)) >= 0) {
+ printf("pkt received\n");
+ nfq_handle_packet(h, buf, rv);
+ continue;
+ }
+ /* if the computer is slower than the network the buffer
+ * may fill up. Depending on the application, this error
+ * may be ignored */
+ if (errno == ENOBUFS) {
+ printf("pkt lost!!\n");
+ continue;
+ }
+ printf("recv failed: errno=%d (%s)\n",
+ errno, strerror(errno));
}
printf("unbinding from queue 0\n");
