Libnf Man
-Brad
----------
nfq_open()
----------
Prototype:
struct nfq_handle *nfq_open(void)
Parameters:
None.
Returns:
Pointer to a new queue handle or NULL on failure.
1 of 10 12/13/2010 10:05 AM
libnetfilter_queue man page http://lists.netfilter.org/pipermail/netfilter-devel/20...
Description:
Obtains a netfilter queue connection handle. When you are finished with
the handle returned by this function, you should destroy it by calling
nfq_close(). A new netlink connection is obtained internally and
associated with the queue connection handle returned.
---------------
nfq_open_nfnl()
---------------
Prototype:
struct nfq_handle *nfq_open_nfnl(struct nfnl_handle *nfnlh)
Parameters:
nfnlh Netfilter netlink connection handle obtained by calling nfnl_open()
Returns:
Pointer to a new queue handle or NULL on failure.
Description:
Obtains a netfilter queue connection handle using an existing netlink
connection. This function is used internally to implement nfq_open(),
and should typically not be called directly.
-----------
nfq_close()
-----------
Prototype:
int nfq_close(struct nfq_handle *h)
Parameters:
h Netfilter queue connection handle obtained via call to nfq_open()
Returns:
0 on success, non-zero on failure. (see nfnl_close() return value)
Description:
Close connection associated with the queue connection handle and free
associated resources.
-----------
nfq_nfnlh()
-----------
Prototype:
struct nfnl_handle *nfq_nfnlh(struct nfq_handle *h)
Parameters:
h Netfilter queue connection handle obtained via call to nfq_open()
Returns:
The netlink handle associated with the given queue connection handle. If
passed an invalid handle, this function will more than likely cause a
segfault as it performs no checks on the provided handle.
Description:
Returns the netlink handle associated with the given queue connection
handle. Possibly useful if you wish to perform other netlink communication
directly after opening a queue without opening a new netlink connection
to do so.
--------
nfq_fd()
--------
Prototype:
int nfq_fd(struct nfq_handle *h)
Parameters:
h Netfilter queue connection handle obtained via call to nfq_open()
Returns:
A file descriptor that can be used for communication over the netlink
connection associated with the given queue connection handle. On failure,
returns ??? -1 ???. (See nfnl_fd() return value)
Description:
Returns a file descriptor for the netlink connection associated with the
given queue connection handle. The file descriptor can then be used for
receiving the queued packets for processing.
Example:
fd = nfq_fd(h);
-------------
nfq_bind_pf()
-------------
Prototype:
int nfq_bind_pf(struct nfq_handle *h, u_int16_t pf)
Parameters:
h Netfilter queue connection handle obtained via call to nfq_open()
pf Protocol family to bind handle to
Returns:
??? (See nfnl_talk() return value)
Description:
Binds the given queue connection handle to process packets belonging to the given
protocol family (e.g. PF_INET, PF_INET6, etc).
---------------
nfq_unbind_pf()
---------------
Prototype:
int nfq_unbind_pf(struct nfq_handle *h, u_int16_t pf)
Parameters:
Returns:
??? (See nfnl_talk() return value)
Description:
Unbinds the given queue connection handle from processing packets belonging
to the given protocol family.
??? Investigate kernel code NFQNL_CFG_CMD_PF_UNBIND ???
------------------
nfq_create_queue()
------------------
Prototype:
struct nfq_q_handle *nfq_create_queue(struct nfq_handle *h, u_int16_t num, nfq_callback *cb, voi
Parameters:
h Netfilter queue connection handle obtained via call to nfq_open()
num The number of the queue to bind to
cb Callback function to call for each queued packet
data Custom data to pass to the callback function
Returns:
A new queue handle (actually a pointer to a linked list entry maintained
by the libnetfilter_queue library). Returns NULL on failure.
Description:
Creates a new queue handle, and returns it. The new queue is identified by
<num>, and the callback specified by <cb> will be called for each enqueued
packet. The <data> argument will be passed unchanged to the callback. If
a queue entry with id <num> already exists, this function will return failure
and the existing entry is unchanged.
-------------------
nfq_destroy_queue()
-------------------
Prototype:
int nfq_destroy_queue(struct nfq_q_handle *qh)
Parameters:
qh Netfilter queue handle obtained by call to nfq_create_queue().
Returns:
0 on success, non-zero on failure. (See NFQNL_CFG_CMD_UNBIND return value)
Description:
Removes the binding for the specified queue handle. (The queue handles are
maintained in the libnetfilter_queue library as a linked list. The <qh>
is actually just a pointer to an entry in that list. When unbinding,
a NFQNL_CFG_CMD_UNBIND message is sent to netlink, and if successful, the
handle entry is removed from the linked list.)
-------------------
nfq_handle_packet()
-------------------
Prototype:
int nfq_handle_packet(struct nfq_handle *h, char *buf, int len)
Parameters:
h Netfilter queue connection handle obtained via call to nfq_open()
buf Buffer containing packet data to process
len Length of packet data in buffer
Returns:
Returns 0 on success, non-zero on failure. (See nfnl_handle_packet() return value)
Description:
Triggers an associated callback for the given packet received from the
queue. Packets can be read from the queue using nfq_fd() and recv(). See
example code for nfq_fd().
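The receive loop described above (recv() on the descriptor from nfq_fd(), then one dispatch call per datagram), as an added example that is not part of the original man page. To run without the library or root, the dispatch step is passed in as a function pointer with the same shape as nfq_handle_packet(); pump_queue, pump_stats, fake_dispatch, demo and the 4096-byte buffer are assumptions of this sketch, and the input is constructed datagrams sent over a local socketpair.

```c
#include <errno.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <unistd.h>

/* Same shape as nfq_handle_packet(h, buf, len); h is opaque to the loop.
 * Real use: fd = nfq_fd(h), dispatch = thin wrapper around nfq_handle_packet. */
typedef int (*dispatch_fn)(void *h, char *buf, int len);

struct pump_stats { unsigned ok, failed, truncated, overruns; };

/* Read up to max datagrams from fd (max == 0: no limit) and dispatch each.
 * Returns 0 on a clean stop, -1 on a fatal recv() error. */
int pump_queue(int fd, dispatch_fn dispatch, void *h, unsigned max,
               struct pump_stats *st)
{
    char buf[4096];
    for (unsigned seen = 0; max == 0 || seen < max; ) {
        /* MSG_TRUNC: on Linux recv() returns the datagram's real length */
        ssize_t n = recv(fd, buf, sizeof(buf), MSG_TRUNC);
        if (n < 0 && errno == EINTR) continue;
        /* ENOBUFS on a netlink socket: the reader fell behind and the
         * kernel dropped messages; count it and keep serving the queue */
        if (n < 0 && errno == ENOBUFS) { st->overruns++; continue; }
        if (n < 0) return -1;
        seen++;
        /* never hand a cut-off message to the parser */
        if ((size_t)n > sizeof(buf)) { st->truncated++; continue; }
        if (dispatch(h, buf, (int)n) != 0) st->failed++; else st->ok++;
    }
    return 0;
}

/* Constructed stand-in for nfq_handle_packet(): rejects messages < 4 bytes. */
static int fake_dispatch(void *h, char *buf, int len)
{
    (void)h; (void)buf;
    return len >= 4 ? 0 : -1;
}

/* Feeds three constructed datagrams through a local socketpair. */
int demo(struct pump_stats *st)
{
    static char big[8192];            /* larger than the loop's buffer */
    int sv[2];
    memset(st, 0, sizeof(*st));
    if (socketpair(AF_UNIX, SOCK_DGRAM, 0, sv) != 0) return -1;
    send(sv[0], "queued-packet", 13, 0);
    send(sv[0], "x", 1, 0);
    send(sv[0], big, sizeof(big), 0);
    int rc = pump_queue(sv[1], fake_dispatch, NULL, 3, st);
    close(sv[0]); close(sv[1]);
    return rc;
}
```

A single failed dispatch or oversized message is counted and skipped rather than ending the loop, so one bad message does not stop processing of the queue.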
--------------
nfq_set_mode()
--------------
Prototype:
int nfq_set_mode(struct nfq_q_handle *qh, u_int8_t mode, u_int32_t range)
Parameters:
qh Netfilter queue handle obtained by call to nfq_create_queue().