From mboxrd@z Thu Jan 1 00:00:00 1970 From: Patrick McHardy Subject: Re: iptables match rule for DNS RR? Date: Wed, 04 Apr 2007 22:49:01 +0200 Message-ID: <46140F3D.2050605@trash.net> References: <20070404131825.GB20515@kallisti.us> <20070404135651.GA20727@kallisti.us> <20070404203918.GA23386@kallisti.us> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-15 Content-Transfer-Encoding: 7bit Cc: Samuel Jean , netfilter-devel@lists.netfilter.org, Jan Engelhardt , Ross Vandegrift To: Ross Vandegrift Return-path: In-Reply-To: <20070404203918.GA23386@kallisti.us> List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: netfilter-devel-bounces@lists.netfilter.org Errors-To: netfilter-devel-bounces@lists.netfilter.org List-Id: netfilter-devel.vger.kernel.org Ross Vandegrift wrote: > On Wed, Apr 04, 2007 at 10:12:38PM +0200, Jan Engelhardt wrote: > >>>Wait, I don't want to perform a DNS lookup - rather, I have DNS >>>servers, and I want to be able to filter out DNS requests based on the >>>the types of RRs in the question section. >> >>...use l7-filter, and write your pattern. > > > Heh, didn't know about that, but I've come up with a userspace > ipq program that's working really well. > > However I'm getting an occasional netlink error for "No such file or > directory". It happens every 50-100k requests, I'd guess and doesn't > seem to be affecting the functionality. > > What does it mean for netlink to say "no such file or directory"? The queue entry you're sending a verdict for does not exist.