Hi, When I process a packet with libnetfilter_queue, would it be safe to: 1) Consider a packet is always valid, for example, In the callback, you extract the payload to a "char *data", now you want the protocol id, so you check data[9], Is it safe if I don't check the package length first? (Would Iptables drop it manually?) -- Best Regards, Aaron Lewis - PGP: 0xDFE6C29E ( http://keyserver.veridis.com ) Finger Print: 9482 448F C7C3 896C 1DFE 7DD3 2492 A7D0 DFE6 C29E -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
