Re: netfilter_queue to libipq comatiblity library

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
 
 

Reply to this message
Author: Harald Welte
Date:  
To: David Gunnarsson
CC: Netfilter Development Mailinglist
Subject: Re: netfilter_queue to libipq comatiblity library
On Wed, Oct 25, 2006 at 10:38:56AM +0200, David Gunnarsson wrote:
> Hi my name is David Gunnarsson and i am working on my masters thesis
> work where i am in a situation where it might come handy to port a
> libipq-program to netfilter_queue. Ofcourse a "real" porting of the
> legacy libipq-based software might be the best it is quite some work,
> i've read about a compatiblity "layer" to netfilter_queue and libipq
> which could make porting easier. On your online blog dated to august
> 2005 i read that work was going on with the API but i've read no
> further about any progress. Are there any?

no, it's working just fine, I know several programs using (the new api,
not the compatibility)

> If there are, where can i find information on how to use it? I see
> that in the source of libnetfilter_queue there is a libipq_compat.c
> source file containing womething that seems to be some kind of
> compatiblity layer. (im using version 0.0.12)

yes. that basically is all information there is (the header files and
the library source code). You also might look at the port of inline
snort to the new api, and the nufw code (http://www.nufw.org) as an
example.

> b.t.w. i have seen the ipqueue multiplex daemon but it did not seem as
> as good solution as a compatiblity layer.

no, no way. that was sort-of a programming exercise and some kludge some
six years ago, and it doesn't perform well.

if you need support for multiple queue listeners, you cannot use the
libipq_compat layer, though. The compatibility layer is 100%
compatible, e.g. doesn't give you any more features. If you want more
features, you will have to use the native 'libnetfilter_queue' API.

> i dont know if this is the right email to reach you by but it was the one i found.

I don't really have time for netfilter at this moment. I suggest
posting to netfilter-devel@??? and see what other
developers can assist you. 

-- 
- Harald Welte <laforge@???>                      http://gnumonks.org/
============================================================================
We all know Linux is great...it does infinite loops in 5 seconds. -- Linus

This message was posted to the following mailing lists:
Netfilter Development
Mailing List Info | Nearby Messages		<-RE: Problem using connection trackingRFC1812 and CLUSTERIP->
Mailing List Archives by the Free Network Group administrated by Federico Sevilla IIILurker (version 2.1)