can we use nfq_set_verdict to accept packets more than once with one packet_id?

can we use nfq_set_verdict to accept packets more than once with one packet_id?

[ZOU YOUTAO]

I need to develop an user space routing applcation.

My question is that I need to split an incoming udp packet to several
small ones and forward them to different servers.
Can I implement the requirement by  using libnetfilter_queue?

another requirement is that the incoming packet is not forwarded
immediately. A timer is set instead. The packet forwarding is performed
in the timeout handler. So we cannot invoke nfq_set_verdict in the end
of libnetfilter_queue callback function. We have to hold the packet_id
for the timeout handler for forwarding.
Does this introduce performance issue?

Re: can we use nfq_set_verdict to accept packets more than once with one packet_id?

[Patrick McHardy]

On 29.08.2011 16:03, ZOU YOUTAO wrote:
> 
> I need to develop an user space routing applcation.
> 
> My question is that I need to split an incoming udp packet to several
> small ones and forward them to different servers.
> Can I implement the requirement by  using libnetfilter_queue?

Not directly, each packet needs exactly one verdict and you can only
modify the contents once. You could split the packet, transmit all
but one using raw or packet sockets and issue a verdict for the
remaining one.

> another requirement is that the incoming packet is not forwarded
> immediately. A timer is set instead. The packet forwarding is performed
> in the timeout handler. So we cannot invoke nfq_set_verdict in the end
> of libnetfilter_queue callback function. We have to hold the packet_id
> for the timeout handler for forwarding.
> Does this introduce performance issue?

You just have to make sure your queue is sized approriately.