RE: how to execute my libipq test program?

["Michael D. Berger" <m.d.berger@ieee.org>]

My apology for first sending this privately, rather than to the
list.

I have copied below some information that I have send to several
lists and newsgroups regarding my attempt to get libipq to work.
As yet, I have gotten no replies to this regarding libipq, and it
is still not working.  Maybe there may be something in it that is
useful you.  If you get it working, I certainly would like to hear
about it, and I will do likewise.
Mike.

--
Michael D. Berger
m.d.berger@ieee.org 
--

Using RH-E-WS-4 that has kernel-2.6.9-5.EL, all freshly installed,
I downloaded and installed iptables-1.3.1 using the install script
shown below.

I wrote the simple test program shown below, following
man libipq.

When I run it, and then send pings from another
box, the program prints "started", and nothing
else, indicating that the ipq_read never returns.
The pings get no response.  I note that if I
change QUEUE to ACCEPT in the iptables -A, the
pings respond appropriately.

Advice would be much appreciated.

Mike.

--
Michael D. Berger
m.d.berger@ieee.org
--

*** install script ***

make KERNEL_DIR=/usr/src BINDIR=/usr/bin LIBDIR=/usr/lib \
   MANDIR=/usr/share/man
make install KERNEL_DIR=/usr/src BINDIR=/usr/bin \
   LIBDIR=/usr/lib MANDIR=/usr/share/man install
make install KERNEL_DIR=/usr/src BINDIR=/usr/bin LIBDIR=/usr/lib \
   MANDIR=/usr/share/man install-devel

*** start sequence ***

modprobe iptable_filter
modprobe ip_queue
iptables -A OUTPUT -p icmp -j QUEUE
netqueue # the name of my program

*** iptables-save output ***

# Generated by iptables-save v1.2.11 on Sat May  7 14:03:44 2005 *filter
:INPUT ACCEPT [30:6804] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [46:5164]
-A OUTPUT -p icmp -j QUEUE
COMMIT
# Completed on Sat May  7 14:03:44 2005

*** code ***

// netqueue.c 05/10/05

#include <linux/netfilter.h>
#include <libipq.h>
#include <stdio.h>

#define BUFSIZE 2048

static void die (struct ipq_handle *hand)
{
   ipq_perror("passer");
   ipq_destroy_handle(hand);
   exit(1);
}

int main(int argc, char* argv[])
{
   int                     status;
   unsigned char           buf[BUFSIZE];
   struct ipq_handle*      ipqHand;

   ipqHand = ipq_create_handle(0,PF_INET);

   if (ipqHand == 0)
      die(ipqHand);

   int cnt = 0;
   while (cnt++ < 3)
   {
      fprintf(stderr,"started\n");
      status = ipq_read(ipqHand,buf,BUFSIZE,0);
      fprintf(stderr,"read\n");

      if (status < 0)
         die(ipqHand);

      switch(ipq_message_type(buf))
      {
         case NLMSG_ERROR:
            fprintf(stderr,"Error msg: %s\n",ipq_get_msgerr(buf));
         break;

         default:
         {
            ipq_packet_msg_t*    msg = ipq_get_packet(buf);
            fprintf (stderr,"Type = %d\n",ipq_message_type(buf));
            status = ipq_set_verdict(ipqHand,msg->packet_id,
                        NF_ACCEPT,0,NULL);
            if (status < 0)
               die(ipqHand);
         }
      };
   }

   ipq_destroy_handle(ipqHand);
   return 0;
}



> -----Original Message-----
> From: netfilter-bounces@lists.netfilter.org 
> [mailto:netfilter-bounces@lists.netfilter.org] On Behalf Of hero lp
> Sent: Thursday, May 19, 2005 8:10 PM
> To: netfilter@lists.netfilter.org
> Subject: how to execute my libipq test program?
> 
> 
> hello, everybody. Wish you a good day!
> I have compiled my test program with libipq. But when I try to execute
> it with netqueue command, I get some troubles. ----There exists no
> such command. Why? Then how to execute my program?
> Another question: I think it's something like writer and reader
> problem since kernel tries to put packets into user space and my
> program tries to read them. Is it necessary for user application to do
> some work for synchronization? If not, why?
> 
> Thanks for your suggestions!
> 
> 

--
Michael D. Berger
m.d.berger@ieee.org