From: Eric Leblond <eric@inl.fr>
To: Mistick Levi <gmistick@gmail.com>
Cc: "netfilter-devel@vger.kernel.org" <netfilter-devel@vger.kernel.org>
Subject: Re: libnetfilter_queue - remove packet from kernel buffer, and reinject later
Date: Tue, 19 Jan 2010 23:54:57 +0100 [thread overview]
Message-ID: <1263941697.4571.46.camel@ice-age> (raw)
In-Reply-To: <6c279bde1001191125u28fa13a4i4fd7973cf950cccc@mail.gmail.com>
[-- Attachment #1: Type: text/plain, Size: 1894 bytes --]
Hello,
Le mardi 19 janvier 2010 à 21:25 +0200, Mistick Levi a écrit :
> Hi,
> I've worked with libipq, and libnetfilter_queue, and i got to a place
> where my userspace code can't get anymore packets( with the message:
> netlink message: no buffer space available ) .
>
> Now what i want to do is this:
> Read a packet from the queue, copy it to my own queue/location in my
> program, and re injecting the packet later on with my verdict, after i
> finished.
This is how it works ;)
In fact, the 'no buffer space available' message is due to your program
not getting packets as fast as needed: The kernel is sending packet to a
netlink socket and the internal buffer of the socket gets filled with
the packets waiting to be read.
What you need to do is:
* read packet as fast as you can (your callback function has to be
fast)
* do the intensive or delay needing work outside of the callback
(via a thread or something)
It last option is not possible, you can increase the netlink buffer size
via the nfnl_rcvbufsiz function. "Standard" syntax is the following:
nfnl_rcvbufsiz(nfq_nfnlh(my_nfq_handle), NFQ_NF_BUFSIZE);
BR,
>
> but to my best of my understanding, until i send a verdict the packet
> still takes place in the queue.
> and i've read something about using NF_STOLEN and then reinject, but i
> dont think that NF_STOLEN is a valid verdict.
>
> Any ideas on how i can do what it is i wish to do? ( Clear the kernel
> queue by transferring the packets to my queue ).
>
> Kind regards
> Levi Yechiel
> --
> To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
--
Eric Leblond <eric@inl.fr>
INL: http://www.inl.fr/
NuFW: http://www.nufw.org/
[-- Attachment #2: Ceci est une partie de message numériquement signée --]
[-- Type: application/pgp-signature, Size: 189 bytes --]
next prev parent reply other threads:[~2010-01-19 22:55 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-01-19 19:25 libnetfilter_queue - remove packet from kernel buffer, and reinject later Mistick Levi
2010-01-19 22:54 ` Eric Leblond [this message]
2010-01-20 20:13 ` Mistick Levi
2010-01-21 7:08 ` Eric Leblond
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1263941697.4571.46.camel@ice-age \
--to=eric@inl.fr \
--cc=gmistick@gmail.com \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).