| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
| |
s/destionation/destination
Fixes: 9a8e4c36188d ("examples: nf-queue: add more comments to this example")
Signed-off-by: Duncan Roe <duncan_roe@optusnet.com.au>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
| |
Add more comments to describe the nf-queue example that is based on
libmnl.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
| |
Fixes: c3bada27b1db ("examples: print hwaddr attribute if present")
Signed-off-by: Duncan Roe <duncan_roe@optusnet.com.au>
Signed-off-by: Florian Westphal <fw@strlen.de>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There was a bug in 5.15 where HWADDR was included even if mac_header
start was same as network header.
In that case, userspace would get network header re-interpreted as a
mac address, i.e. hw->hw_addr[] set to network_header + 6 in ethernet
case.
Dump hwaddr if present.
Signed-off-by: Florian Westphal <fw@strlen.de>
|
|
|
|
|
|
|
|
| |
Clarify that NFQA_CT requires the CTA_* attribute definitions in
nfnetlink_conntrack.h
Signed-off-by: Duncan Roe <duncan_roe@optusnet.com.au>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
| |
-l is a library selection, needs to go into _LDADD/_LIBADD.
Signed-off-by: Jan Engelhardt <jengelh@inai.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
| |
Move static nfq_hdr_put from examples/nf-queue.c into the library since
everyone is going to want it. Also rename nfq_hdr_put to nfq_nlmsg_put.
Signed-off-by: Duncan Roe <duncan_roe@optusnet.com.au>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
| |
The removed code sent configuration commands NFQNL_CFG_CMD_PF_UNBIND &
NFQNL_CFG_CMD_PF_BIND which the kernel required prior to 3.8.
Signed-off-by: Duncan Roe <duncan_roe@optusnet.com.au>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
| |
Signed-off-by: Duncan Roe <duncan_roe@optusnet.com.au>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
| |
We can now get/set conntrack attributes via nfqueue, show a minimal
example that sets the connmark from userspace.
Signed-off-by: Florian Westphal <fw@strlen.de>
|
|
|
|
|
|
|
|
|
|
| |
There is confusion on what this command actually does and why
examples commonly PF_UNBIND at startup.
Since these are obsolete document that its not needed starting
with Linux 3.8.
Signed-off-by: Florian Westphal <fw@strlen.de>
|
|
|
|
| |
Signed-off-by: Florian Westphal <fw@strlen.de>
|
|
|
|
|
|
|
|
|
| |
We ask for 0xffff copy size, so we need a buffer that can
hold 0xffff, plus a few more bytes to allow for netlink attributes.
Also, turn off/handle ENOBUFS.
Signed-off-by: Florian Westphal <fw@strlen.de>
|
|
|
|
|
|
|
|
|
|
|
| |
1. struct nlattr *attr[NFQA_MAX+1] must be initialized.
Otherwise, attr[FOO] might be non-null after parsing
even if that attribute isn't present in the message.
2. mnl_attr_get_payload will never return NULL (if the
attribute is NULL, it returns MNL_ATTR_HDRLEN.)
Signed-off-by: Florian Westphal <fw@strlen.de>
|
|
|
|
|
|
|
| |
nf-queue.c: In function ‘main’:
nf-queue.c:146:12: warning: unused variable ‘id’ [-Wunused-variable]
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|