libnetfilter_queue  1.0.5
Modules | Functions
User-space network packet buffer
Collaboration diagram for User-space network packet buffer:

Modules

 Other functions
 

Functions

struct pkt_buff * pktb_alloc (int family, void *data, size_t len, size_t extra)
 
uint8_t * pktb_data (struct pkt_buff *pktb)
 
uint32_t pktb_len (struct pkt_buff *pktb)
 
void pktb_free (struct pkt_buff *pktb)
 
int pktb_mangle (struct pkt_buff *pktb, int dataoff, unsigned int match_offset, unsigned int match_len, const char *rep_buffer, unsigned int rep_len)
 
bool pktb_mangled (const struct pkt_buff *pktb)
 

Detailed Description

This library provides the user-space network packet buffer. This abstraction is strongly inspired by Linux kernel network buffer, the so-called sk_buff.

Function Documentation

◆ pktb_alloc()

struct pkt_buff* pktb_alloc ( int  family,
void *  data,
size_t  len,
size_t  extra 
)

pktb_alloc - allocate a new packet buffer

Parameters
familyIndicate what family. Currently supported families are AF_BRIDGE, AF_INET & AF_INET6.
dataPointer to packet data
lenPacket length
extraExtra memory in the tail to be allocated (for mangling)

This function returns a packet buffer that contains the packet data and some extra memory room in the tail (if requested).

Returns
Pointer to a new userspace packet buffer or NULL on failure.
Errors
ENOMEM From calloc()
EPROTONOSUPPORT family was AF_BRIDGE and this is not an IP packet (v4 or v6)
See also
calloc(3)

Definition at line 52 of file pktbuff.c.

◆ pktb_data()

uint8_t* pktb_data ( struct pkt_buff *  pktb)

pktb_data - get pointer to network packet

Parameters
pktbPointer to userspace packet buffer
Returns
Pointer to start of network packet data within pktb
It is appropriate to use pktb_data as the second argument of nfq_nlmsg_verdict_put_pkt()

Definition at line 105 of file pktbuff.c.

◆ pktb_free()

void pktb_free ( struct pkt_buff *  pktb)

pktb_free - release packet buffer

Parameters
pktbPointer to userspace packet buffer

Definition at line 129 of file pktbuff.c.

◆ pktb_len()

uint32_t pktb_len ( struct pkt_buff *  pktb)

pktb_len - get length of packet buffer

Parameters
pktbPointer to userspace packet buffer
Returns
Length of packet contained within pktb
It is appropriate to use pktb_len as the third argument of nfq_nlmsg_verdict_put_pkt()

Definition at line 119 of file pktbuff.c.

◆ pktb_mangle()

int pktb_mangle ( struct pkt_buff *  pktb,
int  dataoff,
unsigned int  match_offset,
unsigned int  match_len,
const char *  rep_buffer,
unsigned int  rep_len 
)

pktb_mangle - adjust contents of a packet

Parameters
pktbPointer to userspace packet buffer
dataoffSupplementary offset, usually offset from layer 3 (IP) header to the layer 4 (TCP or UDP) header. Specify zero to access the layer 3 header. If pktb was created in family AF_BRIDGE, specify -ETH_HLEN (a negative offset) to access the layer 2 (MAC) header.
match_offsetFurther offset to content that you want to mangle
match_lenLength of the existing content you want to mangle
rep_bufferPointer to data you want to use to replace current content
rep_lenLength of data you want to use to replace current content
Returns
1 for success and 0 for failure. Failure will occur if the extra argument to the pktb_alloc() call that created pktb is less than the excess of rep_len over match_len
Warning
pktb_mangle does not update any checksums. Developers should use the appropriate mangler for the protocol level: nfq_ip_mangle(), nfq_tcp_mangle_ipv4() or nfq_udp_mangle_ipv4(). IPv6 versions are planned.
It is appropriate to use pktb_mangle to change the MAC header.

Definition at line 314 of file pktbuff.c.

◆ pktb_mangled()

bool pktb_mangled ( const struct pkt_buff *  pktb)

pktb_mangled - test whether packet has been mangled

Parameters
pktbPointer to userspace packet buffer
Returns
true if packet has been mangled (modified), else false
When assembling a verdict, it is not necessary to return the contents of un-modified packets. Use pktb_mangled to decide whether packet contents need to be returned.

Definition at line 359 of file pktbuff.c.