From: patric <pakar@imperialnet.org>
To: Jan Engelhardt <jengelh@computergmbh.de>
Cc: netfilter-devel@lists.netfilter.org
Subject: Re: Patch for geoip to make it work with Linux kernel 2.6.22.x
Date: Thu, 12 Jul 2007 01:35:00 +0200 [thread overview]
Message-ID: <46956924.7000702@imperialnet.org> (raw)
In-Reply-To: <469530AE.2030409@imperialnet.org>
Or... just did some research on this, and there is a possibility for
multiple queues...
----------------------------------------------------
NFQUEUE target
The NFQUEUE target is used much the same way as the QUEUE target, and is
basically an extension of it. The NFQUEUE target allows for sending
packets for separate and specific queues. The queue is identified by a
16-bit id.
This target requires the nfnetlink_queue kernel support to run. For more
information on what you can do with the NFQUEUE target, see the QUEUE
target.
Table 11-12. NFQUEUE target options
Option --queue-num
Example iptables -t nat -A PREROUTING -p tcp --dport 80 -j NFQUEUE
--queue-num 30
Explanation The --queue-num option specifies which queue to use and
to send the queue'd data to. If this option is skipped, the default
queue 0 is used. The queue number is a 16 bit unsigned integer, which
means it can take any value between 0 and 65535. The default 0 queue is
also used by the QUEUE target.
* Works under Linux kernel 2.6.14 and later.
---------------------------------------------------
So i think it's time to update the kernel and do some mods on my code :)
/Patric
patric wrote:
> Yea, that's true as far as i know too.... And that's one con with this...
>
>
> /Patric
>
>
> Jan Engelhardt wrote:
>
>> On Jul 11 2007 01:26, patric wrote:
>>
>>> Just wanted to repost that there is a userspace daemon for this too..
>>>
>>> http://bladerunner.mine.nu/CJ/
>>>
>>> So if there is a bug in the code only the daemon fails and not the
>>> entire
>>> kernel.. =)
>>>
>>> It also eliminates the issues with kernel-revision incompatibility
>>> and should
>>> make it easier for people to setup.
>>>
>>
>> As far as I know you can only have one NFQUEUE userspace program at a
>> time.
>>
>>
>>> Have not really had any time lately to
>>> work anything on this, but current release seems to be stable and
>>> has a current
>>> uptime of around a month (my last reboot of that system).
>>>
>>>
>>> Just don't laugh to much when reading the code... LOTS of really
>>> ugly code, but
>>> it works.. :)
>>>
>>>
>>
>> Jan
>>
>
>
>
next prev parent reply other threads:[~2007-07-11 23:35 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <twig.1177771162.67234@bugmachine.ca>
2007-07-10 15:44 ` Patch for geoip to make it work with Linux kernel 2.6.22.x Svein Olav Bjerkeset
2007-07-10 16:58 ` Jan Engelhardt
2007-07-10 17:57 ` Svein Olav Bjerkeset
2007-07-10 18:10 ` Jan Engelhardt
2007-07-10 23:26 ` patric
2007-07-11 17:39 ` Jan Engelhardt
2007-07-11 19:34 ` patric
2007-07-11 23:35 ` patric [this message]
2007-07-10 17:04 ` Samuel Jean
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=46956924.7000702@imperialnet.org \
--to=pakar@imperialnet.org \
--cc=jengelh@computergmbh.de \
--cc=netfilter-devel@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.