nf-queue
| Crates.io | nf-queue |
| lib.rs | nf-queue |
| version | 0.1.0 |
| created_at | 2025-11-26 11:51:11.338429+00 |
| updated_at | 2025-11-26 11:51:11.338429+00 |
| description | A thin wrapper around libmnl for netfilter queue |
| homepage | |
| repository | https://github.com/ecyk/nf-queue |
| max_upload_size | |
| id | 1951311 |
| size | 71,578 |
Enes Yerlikaya (ecyk)
documentation
README
Netfilter Queue
A thin wrapper around libmnl for netfilter queue.
Example
use crate::{CfgFlag, CmdType, CopyMode, MsgBuilder, SOCKET_BUFFER_SIZE, Socket, VerdictType};
use std::error::Error;
const QUEUE_NUM: u16 = 0;
fn main() -> Result<(), Box<dyn Error>> {
let socket = Socket::new(0)?;
let mut recv_buf = vec![0; 0xffff + (SOCKET_BUFFER_SIZE / 2)];
let mut send_buf = vec![0; SOCKET_BUFFER_SIZE];
let msg = MsgBuilder::new(&mut send_buf, QUEUE_NUM)
.ack()
.cfg()
.cmd(CmdType::Bind)
.params(0xffff, CopyMode::Packet)
.queue_maxlen(1024)
.flags(CfgFlag::FailOpen | CfgFlag::ConnTrack | CfgFlag::Gso)
.build();
socket.send(msg)?;
socket.recv(&mut recv_buf)?; // ACK
loop {
let messages = socket.recv(&mut recv_buf)?;
for msg in messages {
let packet_msg = msg.as_packet_msg().unwrap();
let packet_hdr = packet_msg.packet_hdr().unwrap();
println!("{packet_msg:#?}");
let verdict = MsgBuilder::new(&mut send_buf, QUEUE_NUM)
.verdict()
.verdict_hdr(packet_hdr.packet_id, VerdictType::Accept)
.build();
socket.send(verdict)?;
}
}
}