On Tue, 2007-07-17 at 17:09 +0530, Ganesan Natarajan wrote: > Hi All, > I have three questions. > > 1. If NF_STOLEN is used as return value for the netfilter hook > function, where the packet is given? ( I mean will it be given to user > space?)
It is not given to anyone. It is simply ignored. It is your responsibility to deallocate it (or give it to anyone you want). > 2. Is there any difference between NF_DROP and NF_STOLEN? NF_DROP means don't continue to process the packet, but deallocate it. NF_STOLEN means don't continue to process the packet and not deallocate it. > 3. If the user space application uses raw sockets, can it get > the packets from the netfilter of NF_IP_PRE_ROUTING hook by return > NF_QUEUE? I think you'll get the packet with raw socket regardless to what you return to netfilter (CMIIW). To get packets queued by netfilter use libipq (do man ipq) > I am new to this netfilter and kernel module programming. Based on > this only I am going to start writing kernel module. godspeed Hayim > > Ganesan > > -- > To unsubscribe from this list: send an email with > "unsubscribe kernelnewbies" to [EMAIL PROTECTED] > Please read the FAQ at http://kernelnewbies.org/FAQ
