libnetfilter_queue  1.0.5
Functions
Library setup [DEPRECATED]

Functions

struct nfq_handle * nfq_open (void)
 
int nfq_close (struct nfq_handle *h)
 
int nfq_bind_pf (struct nfq_handle *h, uint16_t pf)
 
int nfq_unbind_pf (struct nfq_handle *h, uint16_t pf)
 

Detailed Description

Library initialisation is made in two steps.

First step is to call nfq_open() to open a NFQUEUE handler.

Second step is to tell the kernel that userspace queueing is handle by NFQUEUE for the selected protocol. This is made by calling nfq_unbind_pf() and nfq_bind_pf() with protocol information. The idea behind this is to enable simultaneously loaded modules to be used for queuing.

Here's a little code snippet that bind with AF_INET:

        h = nfq_open();
        if (!h) {
                fprintf(stderr, "error during nfq_open()\n");
                exit(1);
        }

        printf("unbinding existing nf_queue handler for AF_INET (if any)\n");
        if (nfq_unbind_pf(h, AF_INET) < 0) {
                fprintf(stderr, "error during nfq_unbind_pf()\n");
                exit(1);
        }

        printf("binding nfnetlink_queue as nf_queue handler for AF_INET\n");
        if (nfq_bind_pf(h, AF_INET) < 0) {
                fprintf(stderr, "error during nfq_bind_pf()\n");
                exit(1);
        }

Once this is done, you can setup and use a Queue.

When the program has finished with libnetfilter_queue, it has to call the nfq_close() function to free all associated resources.

Function Documentation

◆ nfq_bind_pf()

int nfq_bind_pf ( struct nfq_handle *  h,
uint16_t  pf 
)

nfq_bind_pf - bind a nfqueue handler to a given protocol family

Parameters
hNetfilter queue connection handle obtained via call to nfq_open()
pfprotocol family to bind to nfqueue handler obtained from nfq_open()

Binds the given queue connection handle to process packets belonging to the given protocol family (ie. PF_INET, PF_INET6, etc). This call is obsolete, Linux kernels from 3.8 onwards ignore it.

Returns
integer inferior to 0 in case of failure

Definition at line 474 of file libnetfilter_queue.c.

◆ nfq_close()

int nfq_close ( struct nfq_handle *  h)

nfq_close - close a nfqueue handler

Parameters
hNetfilter queue connection handle obtained via call to nfq_open()

This function closes the nfqueue handler and free associated resources.

Returns
0 on success, non-zero on failure.

Definition at line 452 of file libnetfilter_queue.c.

◆ nfq_open()

struct nfq_handle* nfq_open ( void  )

nfq_open - open a nfqueue handler

This function obtains a netfilter queue connection handle. When you are finished with the handle returned by this function, you should destroy it by calling nfq_close(). A new netlink connection is obtained internally and associated with the queue connection handle returned.

Returns
a pointer to a new queue handle or NULL on failure.

Definition at line 363 of file libnetfilter_queue.c.

◆ nfq_unbind_pf()

int nfq_unbind_pf ( struct nfq_handle *  h,
uint16_t  pf 
)

nfq_unbind_pf - unbind nfqueue handler from a protocol family

Parameters
hNetfilter queue connection handle obtained via call to nfq_open()
pfprotocol family to unbind family from

Unbinds the given queue connection handle from processing packets belonging to the given protocol family.

This call is obsolete, Linux kernels from 3.8 onwards ignore it.

Definition at line 490 of file libnetfilter_queue.c.