On Thursday 2012-04-19 19:58, Jeff Haran wrote:
>
>I'm not an expert in this interface, but what I've observed is when user space
>reads a packet off of a socket to an NFQUEUE, a subsequent read on that socket
>will block if the first packet is not returned via nfq_set_verdict(), even if
>further packets have been queued from the kernel.
So simply set the verdict to NF_DROP for every input frame and send out
combined frames that are not linked to any prior packet.
So far the theory.
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
[Linux Netfilter Development]
[Linux Kernel Networking Development]
[Linux Networking Development]
[Linux Kernel Development]
[Linux Resources]
[LARTC]
[Bugtraq]
[Consulting]
[Free Internet Dating]
[Yosemite Forum]
[Photo]
