Hello netfilter-devel-list, maybe my problem has nothing to do specialy with netfilter, but the error comes from ipq_set_verdict. Here is my problem: (all in userspace)
I tried to code the example from man 3 libipq with 2 processes. "Userspace Packet Queuing" I have one parentprocess (control.c) and a childprocess (get.c) created by fork and exec. Both processes are synchronized by signals and have a sharememory (works fine). In the child process I'm binding the Netlink socket to the ip_queue. When the child receives packets and issues NF_ACCEPT verdicts on each packet, everthing is fine. But when I tried to let the parentprocess issues NF_ACCEPT verdicts on each packet, it returns -1 and EBADF. I don't get the point, where the error could be. The child copy the ipq_handle struct and the ipq_packet_msg struct into the sharememory. In both processes I have the same values, the same function and differnet resulats: child: ipq_set_verdict(h, m.packet_id, NF_ACCEPT, 0, NULL) => 0 parent: ipq_set_verdict(h, m.packet_id, NF_ACCEPT, 0, NULL) => EBADF Please, can someone with more practical knowledge then me (I'm a beginner in programming in C ) help me. If this problem is too off topic, please tell me where to find help. Thank you. Tassilo p.s.: the parentprocess starts with root privilages because of CAP_NET_ADMIN
