From: Eric Leblond <eric@regit.org>
To: Ajay Lele <ajay.lele@gmail.com>
Cc: netfilter@vger.kernel.org
Subject: Re: nfq_bind_pf() simultaneously in 2 separate programs?
Date: Tue, 11 Jan 2011 03:01:04 +0100 [thread overview]
Message-ID: <1294711264.29036.13.camel@ice-age> (raw)
In-Reply-To: <AANLkTi=OUOR+txCwyQiMmSOOUpnpjYB=FXC_TuVPP2o0@mail.gmail.com>
[-- Attachment #1: Type: text/plain, Size: 2350 bytes --]
Hi,
Le lundi 10 janvier 2011 à 15:36 -0800, Ajay Lele a écrit :
> On Mon, Jan 10, 2011 at 2:24 PM, Eric Leblond <eric@regit.org> wrote:
> > Hello,
> >
> > Le lundi 10 janvier 2011 à 12:31 -0800, Ajay Lele a écrit :
> >> Hi All
> >>
> >> I am using netfilter_queue library (version 1.0.0, nfnetlink version
> >> 1.0.0) to queue certain packets to user-space and it works great
> >>
> >> Now I want to run 2 instances on this program simultaneously with each
> >> program receiving and processing packets received on a different
> >> queue. The 1st instance of program runs fine, but call to
> >> nfq_unbind_pf()/nfq_bind_pf() for AF_INET fail in the 2nd instance
> >>
> >> Is it not possible to use netfilter_queue APIs simultaneously in 2
> >> programs when each one of them is listening to a separate queue? Any
> >> other approach which can be used to get this to work? - I don't want
> >> to merge the processing of packets on the 2 queues into a single
> >> program
> >
> > nfq_bind_pf() call is linking the kernel nf_queue capability with the
> > nfnetlink_queue module for a given protocol. This has only to be done
> > once on a system (as nfnetlink_queue is the only userspace queuing
> > module for now).
> >
> > Thus your program can simply ignore the return on nfq_[un]bind_pf()
> > function.
>
> Thanks Eric for your quick reply
>
> I tried ignoring the return from nfq_[un]bind_pf() but
> nfq_create_queue() fails with return value NULL. Target machine is
> running CentOS 5.3
NFQ initialisation in NuFW is working fine since some years now. You can
find it here:
https://nufw.edenwall.com/projects/nufw/repository/revisions/master/entry/src/nufw/packetsrv.c#L219
BR,
>
> Regards
> Ajay
>
> >
> > BR,
> >
> >>
> >> Thanks in advance
> >>
> >> Regards
> >> Ajay
> >> --
> >> To unsubscribe from this list: send the line "unsubscribe netfilter" in
> >> the body of a message to majordomo@vger.kernel.org
> >> More majordomo info at http://vger.kernel.org/majordomo-info.html
> >
> > --
> > Eric Leblond <eric@regit.org>
> >
> --
> To unsubscribe from this list: send the line "unsubscribe netfilter" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
--
Eric Leblond <eric@regit.org>
[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 190 bytes --]
prev parent reply other threads:[~2011-01-11 2:01 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-01-10 20:31 nfq_bind_pf() simultaneously in 2 separate programs? Ajay Lele
2011-01-10 22:24 ` Eric Leblond
2011-01-10 23:36 ` Ajay Lele
2011-01-11 2:01 ` Eric Leblond [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1294711264.29036.13.camel@ice-age \
--to=eric@regit.org \
--cc=ajay.lele@gmail.com \
--cc=netfilter@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox