On 05/11/10 12:09, Alessandro Vesely wrote: > On 03/Nov/10 19:35, Pablo Neira Ayuso wrote: >> On 02/11/10 16:46, Rajkumar S wrote: >>> I am using utils/nfqnl_test.c as my test program >> >> Please, see: >> >> http://git.netfilter.org/cgi-bin/gitweb.cgi?p=libnetfilter_queue.git;a=commitdiff;h=37791b0eb98c00098a6410f6dedfdce92fc88f3e;hp=c4692e02d4fc804f7aa31f407d7d2f31861753bc > > Thanks for the improved docs! > > For older kernels, would it also help setting something like > -A INPUT -m limit --limit 10/second -j NFQUEUE --queue-num 0? I don't want to add that in the docs, sorry. It looks more like a crafty workaround. > Would you please also amend nfqnl_test.c? From this thread I grasp that > packets that overflowed the queue are still received/ transmitted, but > am unable to do better than the attached (untested) patch. I have pushed the following patch, it's based on yours (i have however respected your credits). http://git.netfilter.org/cgi-bin/gitweb.cgi?p=libnetfilter_queue.git;a=commit;h=a10a4d9291181a142ff85b0db8f2907cd05b978f Mistick Levi sent a similar patch in the same timeline, btw. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
