nf-queue 0.1.0

A thin wrapper around libmnl for netfilter queue
Documentation
  • Coverage
  • 0.77%
    5 out of 652 items documented1 out of 121 items with examples
  • Size
  • Source code size: 71.07 kB This is the summed size of all the files inside the crates.io package for this release.
  • Documentation size: 13.09 MB This is the summed size of all files generated by rustdoc for all configured targets
  • Ø build duration
  • this release: 18s Average build duration of successful builds.
  • all releases: 18s Average build duration of successful builds in releases after 2024-10-23.
  • Links
  • ecyk/nf-queue
    0 0 0
  • crates.io
  • Dependencies
  • Versions
  • Owners
  • ecyk

Netfilter Queue

A thin wrapper around libmnl for netfilter queue.

Example

use crate::{CfgFlag, CmdType, CopyMode, MsgBuilder, SOCKET_BUFFER_SIZE, Socket, VerdictType};
use std::error::Error;

const QUEUE_NUM: u16 = 0;

fn main() -> Result<(), Box<dyn Error>> {
    let socket = Socket::new(0)?;

    let mut recv_buf = vec![0; 0xffff + (SOCKET_BUFFER_SIZE / 2)];
    let mut send_buf = vec![0; SOCKET_BUFFER_SIZE];

    let msg = MsgBuilder::new(&mut send_buf, QUEUE_NUM)
        .ack()
        .cfg()
        .cmd(CmdType::Bind)
        .params(0xffff, CopyMode::Packet)
        .queue_maxlen(1024)
        .flags(CfgFlag::FailOpen | CfgFlag::ConnTrack | CfgFlag::Gso)
        .build();

    socket.send(msg)?;
    socket.recv(&mut recv_buf)?; // ACK

    loop {
        let messages = socket.recv(&mut recv_buf)?;

        for msg in messages {
            let packet_msg = msg.as_packet_msg().unwrap();
            let packet_hdr = packet_msg.packet_hdr().unwrap();

            println!("{packet_msg:#?}");

            let verdict = MsgBuilder::new(&mut send_buf, QUEUE_NUM)
                .verdict()
                .verdict_hdr(packet_hdr.packet_id, VerdictType::Accept)
                .build();

            socket.send(verdict)?;
        }
    }
}