Johennecken, Peter <P.Johennecken@xxxxxxxxxxx> wrote: > I'm trying to use iptables for a solution right now. > > I want to be able to set and remove netfilter rules from a C program. The detour via the "exec" family seems somewhat unattractive. Why? Its the fastest and most efficient way: pipe into iptables-restore. The -n option can be handy here. > However, the use of libiptc is strongly discouraged (https://netfilter.org/documentation/FAQ/netfilter-faq-4.html#ss4.5). Yes, don't use this. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
