libnetfilter_queue quick question

Linux Netfilter discussions
 help / color / mirror / Atom feed

* libnetfilter_queue quick question
@ 2010-07-12 16:00 Edison Figueira
  2010-07-14  9:27 ` Alessandro Vesely
  0 siblings, 1 reply; 3+ messages in thread
From: Edison Figueira @ 2010-07-12 16:00 UTC (permalink / raw)
  To: netfilter

Hi,
Quick question,

The absence of the verdict like <RETURN> on libnetfilter_queue is because it
was not implemented or is not possible to implement?
Has something like of <RETURN> what can be make in the queue to have this
effect?

I appreciate the help!

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: libnetfilter_queue quick question
  2010-07-12 16:00 libnetfilter_queue quick question Edison Figueira
@ 2010-07-14  9:27 ` Alessandro Vesely
  2010-07-14 13:13   ` Mart Frauenlob
  0 siblings, 1 reply; 3+ messages in thread
From: Alessandro Vesely @ 2010-07-14  9:27 UTC (permalink / raw)
  To: netfilter

On 12/Jul/10 18:00, Edison Figueira wrote:
> The absence of the verdict like<RETURN>  on libnetfilter_queue is because it
> was not implemented or is not possible to implement?

Return what/where? Don't confuse tables with chains or queues...

> Has something like of<RETURN>  what can be make in the queue to have this
> effect?

Setting a mark and ACCEPT a packet from a table may be a handy way to 
return a value that can be tested by iptables rules of a further table.

HTH

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: libnetfilter_queue quick question
  2010-07-14  9:27 ` Alessandro Vesely
@ 2010-07-14 13:13   ` Mart Frauenlob
  0 siblings, 0 replies; 3+ messages in thread
From: Mart Frauenlob @ 2010-07-14 13:13 UTC (permalink / raw)
  To: netfilter

On 14.07.2010 11:27, vesely@tana.it wrote:
> On 12/Jul/10 18:00, Edison Figueira wrote:
>> The absence of the verdict like<RETURN> on libnetfilter_queue is
>> because it
>> was not implemented or is not possible to implement?

the latter i think.

>
> Return what/where? Don't confuse tables with chains or queues...
>
>> Has something like of<RETURN> what can be make in the queue to have this
>> effect?
>
> Setting a mark and ACCEPT a packet from a table may be a handy way to
> return a value that can be tested by iptables rules of a further table.
>

A 'pass through' option for queued packets does not sound wrong to me.

... -j NFQUEUE
... next rule that may hit packets, which 'RETURN' from the queue

regards

Mart

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2010-07-14 13:13 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2010-07-12 16:00 libnetfilter_queue quick question Edison Figueira
2010-07-14  9:27 ` Alessandro Vesely
2010-07-14 13:13   ` Mart Frauenlob

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox