SYNOPSIS

#include <linux/netfilter.h>

#include <libipq.h>

int ipq_message_type(const unsigned char *buf);

ipq_packet_msg_t *ipq_get_packet(const unsigned char *buf);

int ipq_get_msgerr(const unsigned char *buf);

DESCRIPTION

The ipq_message_type function returns the type of queue message returned to userspace via ipq_read.

ipq_message_type should always be called following a successful call to ipq_read to determine whether the message is a packet message or an error message. The buf parameter should be the same data obtained from the previous call to ipq_read.

ipq_message_type will return one of the following values:

NLMSG_ERROR

An error message generated by the Netlink transport.

IPQM_PACKET

A packet message containing packet metadata and optional packet payload data.

The ipq_get_packet function should be called if ipq_message_type returns IPQM_PACKET. The buf parameter should point to the same data used for the call to ipq_message_type. The pointer returned by ipq_get_packet points to a packet message, which is declared as follows:

typedef struct ipq_packet_msg {
	unsigned long packet_id;        /* ID of queued packet */
	unsigned long mark;             /* Netfilter mark value */
	long timestamp_sec;             /* Packet arrival time (seconds) */
	long timestamp_usec;            /* Packet arrvial time (+useconds) */
	unsigned int hook;              /* Netfilter hook we rode in on */
	char indev_name[IFNAMSIZ];      /* Name of incoming interface */
	char outdev_name[IFNAMSIZ];     /* Name of outgoing interface */
	unsigned short hw_protocol;     /* Hardware protocol (network order) */
	unsigned short hw_type;         /* Hardware type */
	unsigned char hw_addrlen;       /* Hardware address length */
	unsigned char hw_addr[8];       /* Hardware address */
	size_t data_len;                /* Length of packet data */
	unsigned char payload[0];       /* Optional packet data */
} ipq_packet_msg_t;

Each of these fields may be read by the application. If the queue mode is IPQ_COPY_PACKET and the data_len value is greater than zero, the packet payload contents may be accessed in the memory following the ipq_packet_msg_t structure to a range of data_len.

The packet_id field contains a packet identifier to be used when calling ipq_set_verdict.

The ipq_get_msgerr function should be called if ipq_message_type returns NLMSG_ERROR. The buf parameter should point to the same data used for the call to ipq_message_type. The value returned by ipq_get_msgerr is set by higher level kernel code and corresponds to standard errno values.

BUGS

None known.

AUTHOR

James Morris <[email protected]>

COPYRIGHT

Copyright (c) 2000-2001 Netfilter Core Team.

Distributed under the GNU General Public License.

RELATED TO ipq_get_msgerr…