Hello! I've originally written this to the netfilter-devel list, but got no reply, so I thought I might've asked in the wrong place? I would like to write a netfilter module to modify packets going in and out of my machine (TCP/IP headers, maybe content) after some analysis of the packet. For this, I wanted to extend nftables with new matches or targets that control this modification behavior. I've looked around some, but couldn't find documentation on how to do this properly using nftables, can someone point me in the right direction? Using a netfilter/iptables combo, this kind of extension seems to be pretty well documented (e.g. at the HOWTO page for netfilter hacking [1]). I could also go this route, but as nftables seems to be poised to succeed iptables, I wanted to try my hands at using the future-proof technology. Regards, Stephan [1] http://www.netfilter.org/documentation/HOWTO/netfilter-hacking-HOWTO-4.html -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
