hi I'm trying develop a monitor app that does list the packet rate going through each ipt_entry. My current approach is to link with libiptc and get each ipt_entry every 5 seconds an calculate the average packet rate. The problem I've got is to identify ipt_entries. I thought about strcmp the target name and memcmp'ing ipt_entry::ipt_ip and all matches. The target and ipt_ip part works fine and I'm already able to seperate most of the rules as long as they don't have any special matches, because memcmp'ing the ipt_entry_match structs doesn't work.
The second problem is to print out match information, my current idea is to overwrite printf with printw (ncurses version of printf) and call the print function in each extension library. I'm not very familiar with the netfilter code, so I would like to hear from you. What about adding a unique identifier to each ipt_entry? Thanks. -- thomas
