Re: libnetfilter_queue and libnetfilter_log

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Patrick McHardy <kaber@trash.net>
To: Martin MAURER <martinmaurer@gmx.at>
Cc: netfilter-devel@lists.netfilter.org, FireFlier <fireflier@gibraltar.at>
Subject: Re: libnetfilter_queue and libnetfilter_log
Date: Fri, 15 Dec 2006 11:00:13 +0100	[thread overview]
Message-ID: <4582722D.8010304@trash.net> (raw)
In-Reply-To: <1166116491.3905.14.camel@localhost>

Martin MAURER wrote:
> Hi,
> 
> In one of my software projects (fireflier - interactive firewall) I have
> been using QUEUE and ULOG for quite a while now. 
> When I recently decided to spend more work on fireflier again, I
> remembered that those two systems are deprecated meanwhile. Looking at
> the subversion archives I realized, that there is quite little
> development going on there for the new ones (at least for NFQUEUE, which
> I concentrated on so far).
> So before spending too much time on switching to those libs I first
> wanted to ask, if it comes still true, that those are the ones to use
> for now. (Or should I switch later and encourage users to use ULOG and
> QUEUE for now?)
> 
> During my experiments I realized, that there seems to be a problem in
> libipq_compat.c(ipq_read). This function never returns positive for me
> (which the former implementation did on new packets. 
> I guess it might have to do something with ipq_netlink_recvfrom being
> commented out?

Yes, it was never finished and it pretty useless currently.
nfnetlink_log and nfnetlink_queue are the future and provide
a few benefits over the old implementation (easily extendable,
multiple queue instances, address family agnostic). The downside
is that if your application should also run on old kernels you
need to support both implementations (compatibility in the
other direction would be more useful IMO, so you could use the
nfnetlink_queue API with both the old and new implementation).

next prev parent reply	other threads:[~2006-12-15 10:00 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2006-12-14 17:14 libnetfilter_queue and libnetfilter_log Martin MAURER
2006-12-15 10:00 ` Patrick McHardy [this message]
2006-12-15 12:55   ` Martin MAURER

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=4582722D.8010304@trash.net \
    --to=kaber@trash.net \
    --cc=fireflier@gibraltar.at \
    --cc=martinmaurer@gmx.at \
    --cc=netfilter-devel@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.