>From the docs on netfilter queues:
nfq_set_mode(qh, NFQNL_COPY_PACKET, 0xffff);
...
fd = nfq_fd(h);
while ((rv = recv(fd, buf, sizeof(buf), 0)) >= 0)
{
printf("pkt received\n");
nfq_handle_packet(h, buf, rv);
}
When the CPU hits the printf()....what exactly has been read from fd?
Looking at a hex dump of the bytes read, it doesn't look like L2+L3,
etc... But I think I'm seeing L3 about 58 bytes into the buffer. So
what are the first 58 bytes?
Which is what nfq_get_payload() returns as well.
Is there significance to those first 58 or so bytes? If I subtract 14
from nfq_get_payload(), it doesn't seem to be L2.
Stéphane
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
