Menu
▾
▴
#59 Add netfilter/nflog interface.
This patch add support to listen on given iptables NFLOG group(s).
It can be used to filter packets generated by given UID or do other cool stuff :)
I'm not sure whether selecting groups should be passed in interface name or BPF
Some sniffers gives list of interfaces and allow only selecting one of them, but allows to enter filter.
Example of BPF syntax:
nfgroup 10 or nfgroup 22 or nfgroup 33
Add nflog interface.
Checked into the trunk, with changes to the configure script to try to check whether the support can be compiled (due to some aligned_XXX types not being defined if __KERNEL_STRICT_NAMES is defined, and __KERNEL_STRICT_NAMES being defined, and undefining it causing other compiler failures due to redefinition of types, it wouldn't compile on my Ubuntu 7 or Ubuntu 9 virtual machines; hopefully those aren't issues in systems with newer kernels).
Hi,
Thanks for working on portability, but configure script fails for me with:
#v+
In file included from conftest.c:84:
/usr/include/linux/netlink.h:31: error: expected specifier-qualifier-list before 'sa_family_t'
#v-
(linux-headers 2.6.38)
I added another: #include <sys/socket.h>
but this is what I most hate about C, include-hell-mess ;/
OK, I've added <sys/socket.h> to the trunk.
Administrators of the "libpcap" SourceForge project have superseded this tracker item (formerly artifact 3317477, now patch 59) with issue 255 of the "libpcap" GitHub project.