Crate nfqueue [−] [src]
Netfilter NFQUEUE high-level bindings
libnetfilter_queue is a userspace library providing an API to packets that have been queued by the kernel packet filter. It is is part of a system that deprecates the old ip_queue / libipq mechanism.
libnetfilter_queue homepage is: http://netfilter.org/projects/libnetfilter_queue/
The goal is to provide a library to gain access to packets queued by the kernel packet filter
Using NFQUEUE requires root privileges, or the CAP_NET_ADMIN
capability
The code is available on Github
Example
extern crate libc; extern crate nfqueue; use std::fmt::Write; fn callback(msg: &nfqueue::Message) { println!(" -> msg: {}", msg); let payload_data = msg.get_payload(); let mut s = String::new(); for &byte in payload_data { write!(&mut s, "{:X} ", byte).unwrap(); } println!("{}", s); println!("XML\n{}", msg.as_xml_str(&[nfqueue::XMLFormatFlags::XmlAll]).unwrap()); msg.set_verdict(nfqueue::Verdict::Accept); } fn main() { let mut q = nfqueue::Queue::new(); q.open(); let rc = q.bind(libc::AF_INET); assert!(rc == 0); q.create_queue(0, callback); q.set_mode(nfqueue::CopyMode::CopyPacket, 0xffff); q.set_callback(callback); q.run_loop(); q.close(); }
Structs
HwAddr |
Hardware (Ethernet) address |
Message |
Opaque struct |
NfMsgPacketHdr |
Metaheader wrapping a packet |
Queue |
Opaque struct |
Enums
CopyMode |
Copy modes |
NfqueueError | |
Verdict |
Decision on the packet |
XMLFormatFlags |
XML formatting flags |
Type Definitions
NfqueueCallback |
Prototype for the callback function, triggered when a packet is received |