Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: netfilter / iptables
Operating Systems Linux netfilter / iptables Post 302323901 by Arun.Kakarla on Tuesday 9th of June 2009 10:34:46 AM
Old 06-09-2009
Java netfilter / iptables
HI,


Is the Netfilter and IPtables same?


Thanks & Regards
Arun
 

9 More Discussions You Might Find Interesting

1. Programming

Help in extending netfilter

Hi everybody, I have to write a module for matching in netfilter , extending the netfilter but I'm facing some problems can somebody guide me in that. I know that I need to write matching module working in kernel space and a program in userspace. I went through the HOWTO on netfilter-hacking but... (0 Replies)
Discussion started by: Trusted Penguin
0 Replies

2. Programming

Problem in registering new netfilter target module

Friends I'm facing a big problem trying to extend the netfilter. Somone please help me with your quick reply (any hint) as I've to meet a deadline. My problem is that I've written a new netfilter target module and its corresponding userspace program for iptables to change the packet type of a... (0 Replies)
Discussion started by: Rakesh Ranjan
0 Replies

3. Programming

extending netfilter...plz help

Hello friends i'm trying to extend iptables to include a target by which we can change the packet type field of a packet. For this i created a kernel module and a userspace extension. Now i face the problem that when i try to invoke iptable with the target i created i get an error message saying... (1 Reply)
Discussion started by: Rakesh Ranjan
1 Replies

4. IP Networking

netfilter connection tracking

hi, i'm using tcpreplay to send a traffic trace to my wireless interface (the trace is been captured by the same interface). It seems as netfilter can't trace connections. Is it possible? (0 Replies)
Discussion started by: littleboyblu
0 Replies

5. Cybersecurity

Netfilter conntracking for P2P protocols (edonkey, bittorent...)

Hi everyone, I would like to allow multi users to access P2P networks, so I wonder if there's a way to tracking these kind of protocols with netfilter, and also compatibility with nat, like the module conntrack_ftp seems to do with the FTP protocol. Thanks guys. (0 Replies)
Discussion started by: nekkro-kvlt
0 Replies

6. UNIX for Advanced & Expert Users

problem with netfilter hook function struct skbuff *sock is null..

iam trying to built a firewall.so i have used netfilter for it. in function main_hook sock_buff is returning null and in my log file continuously "sock buff null" is printed plse help to solve this problem.. (using print_string iam printing strings on current terminal (terminal we ping)) ... (1 Reply)
Discussion started by: pavan6754
1 Replies

7. Linux

C, LKM, netfilter, PF_PACKET and ARP.

Hello, Everyone knows that with PF_PACKET sockets one can "sniff" a determinated frame from the network device, but just that, see the frame without altering its action on the receiving host. What i want is to "intercept" the incoming frame and pass it through some rules, and if it doesn't pass... (9 Replies)
Discussion started by: Zykl0n-B
9 Replies

8. Cybersecurity

Experience with libvirt netfilter API

Hi all, I would like to get some ideas and opinions on matter of libvirt netfilter application in KVM environment. I am looking for some easy way to control it with an API and possible experience with that and its performance in real life application. Thanks for all ideas (0 Replies)
Discussion started by: smoofy
0 Replies

9. Cybersecurity

How to use Netfilter properly with IPv6?

Hello, on a PC with Debian 8 I try to use a Bash script with Netfilter rules so that only traffic goes in and out that is wanted. For that I set all 3 default policies to "drop". The machine uses DHCP to get its IP, gateway and DNS. And I never checked so I was quite surprised that my... (1 Reply)
Discussion started by: SInt
1 Replies

LEARN ABOUT SUSE

ipq_message_type

IPQ_MESSAGE_TYPE(3)					     Linux Programmer's Manual					       IPQ_MESSAGE_TYPE(3)

NAME

       ipq_message_type, ipq_get_packet, ipq_getmsgerr -- query queue messages

SYNOPSIS

       #include <linux/netfilter.h>
       #include <libipq.h>

       int ipq_message_type(const unsigned char *buf);
       ipq_packet_msg_t *ipq_get_packet(const unsigned char *buf);
       int ipq_get_msgerr(const unsigned char *buf);

DESCRIPTION

       The ipq_message_type function returns the type of queue message returned to userspace via ipq_read.

       ipq_message_type should always be called following a successful call to ipq_read to determine whether the message is a packet message or an
       error message. The buf parameter should be the same data obtained from the previous call to ipq_read.

       ipq_message_type will return one of the following values:

       NLMSG_ERROR
	      An error message generated by the Netlink transport.

       IPQM_PACKET
	      A packet message containing packet metadata and optional packet payload data.

       The ipq_get_packet function should be called if ipq_message_type returns IPQM_PACKET.  The buf parameter should point to the same data used
       for the call to ipq_message_type.  The pointer returned by ipq_get_packet points to a packet message, which is declared as follows:

	      typedef struct ipq_packet_msg {
		   unsigned long packet_id;	   /* ID of queued packet */
		   unsigned long mark;		   /* Netfilter mark value */
		   long timestamp_sec;		   /* Packet arrival time (seconds) */
		   long timestamp_usec; 	   /* Packet arrvial time (+useconds) */
		   unsigned int hook;		   /* Netfilter hook we rode in on */
		   char indev_name[IFNAMSIZ];	   /* Name of incoming interface */
		   char outdev_name[IFNAMSIZ];	   /* Name of outgoing interface */
		   unsigned short hw_protocol;	   /* Hardware protocol (network order) */
		   unsigned short hw_type;	   /* Hardware type */
		   unsigned char hw_addrlen;	   /* Hardware address length */
		   unsigned char hw_addr[8];	   /* Hardware address */
		   size_t data_len;		   /* Length of packet data */
		   unsigned char payload[0];	   /* Optional packet data */
	      } ipq_packet_msg_t;

       Each of these fields may be read by the application.  If the queue mode is IPQ_COPY_PACKET and the data_len value is greater than zero, the
       packet payload contents may be accessed in the memory following the ipq_packet_msg_t structure to a range of data_len.

       The packet_id field contains a packet identifier to be used when calling ipq_set_verdict.

       The ipq_get_msgerr function should be called if ipq_message_type returns NLMSG_ERROR.  The buf parameter should point to the same data used
       for  the  call  to  ipq_message_type.   The value returned by ipq_get_msgerr is set by higher level kernel code and corresponds to standard
       errno values.

BUGS

       None known.

AUTHOR

       James Morris <jmorris@intercode.com.au>

COPYRIGHT

       Copyright (c) 2000-2001 Netfilter Core Team.

       Distributed under the GNU General Public License.

SEE ALSO

       iptables(8), libipq(3).

Linux iptables 1.2						  16 October 2001					       IPQ_MESSAGE_TYPE(3)
All times are GMT -4. The time now is 02:53 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy