James Morris | 949810c | 2000-11-20 14:13:31 +0000 | [diff] [blame] | 1 | .TH IPQ_SET_VERDICT 3 "18 November 2000" "Linux iptables 1.1.3+" "Linux Programmer's Manual" |
| 2 | .\" |
| 3 | .\" $Id: $ |
| 4 | .\" |
| 5 | .\" Copyright (c) 2000 Netfilter Core Team |
| 6 | .\" |
| 7 | .\" This program is free software; you can redistribute it and/or modify |
| 8 | .\" it under the terms of the GNU General Public License as published by |
| 9 | .\" the Free Software Foundation; either version 2 of the License, or |
| 10 | .\" (at your option) any later version. |
| 11 | .\" |
| 12 | .\" This program is distributed in the hope that it will be useful, |
| 13 | .\" but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 14 | .\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| 15 | .\" GNU General Public License for more details. |
| 16 | .\" |
| 17 | .\" You should have received a copy of the GNU General Public License |
| 18 | .\" along with this program; if not, write to the Free Software |
| 19 | .\" Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. |
| 20 | .\" |
| 21 | .\" |
| 22 | .SH NAME |
| 23 | ipq_set_verdict - issue verdict and optionally modified packet to kernel |
| 24 | .SH SYNOPSIS |
| 25 | .B #include <linux/netfilter.h> |
| 26 | .br |
| 27 | .B #include <libipq.h> |
| 28 | .sp |
| 29 | .BI "int ipq_set_verdict(const struct ipq_handle *" h ", ipq_id_t " id ", unsigned int " verdict ", size_t " data_len ", unsigned char *" buf ");" |
| 30 | .SH DESCRIPTION |
| 31 | The |
| 32 | .B ipq_set_verdict |
| 33 | function issues a verdict on a packet previously obtained with |
| 34 | .BR ipq_read , |
| 35 | specifing the intended disposition of the packet, and optionally |
| 36 | supplying a modified version of the payload data. |
| 37 | .PP |
| 38 | The |
| 39 | .I h |
| 40 | parameter is a context handle which must previously have been returned |
| 41 | successfully from a call to |
| 42 | .BR ipq_create_handle . |
| 43 | .PP |
| 44 | The |
| 45 | .I id |
| 46 | parameter is the packet identifier obtained via |
| 47 | .BR ipq_get_packet . |
| 48 | .PP |
| 49 | The |
| 50 | .I verdict |
| 51 | parameter must be one of: |
| 52 | .TP |
| 53 | .B NF_ACCEPT |
| 54 | Accept the packet and continue traversal within the kernel. |
| 55 | .br |
| 56 | .TP |
| 57 | .B NF_DROP |
| 58 | Drop the packet. |
| 59 | .PP |
| 60 | The |
| 61 | .I data_len |
| 62 | parameter is the length of the data pointed to |
| 63 | by |
| 64 | .IR buf , |
| 65 | the optional replacement payload data. |
| 66 | .PP |
| 67 | If simply setting a verdict without modifying the payload data, use zero |
| 68 | for |
| 69 | .I data_len |
| 70 | and NULL for |
| 71 | .IR buf . |
| 72 | .PP |
| 73 | The application is responsible for recalculating any packet checksums |
| 74 | when modifying packets. |
| 75 | .SH RETURN VALUE |
| 76 | On failure, -1 is returned. |
| 77 | .br |
| 78 | On success, a non-zero positive value is returned. |
| 79 | .SH ERRORS |
| 80 | On error, a descriptive error message will be available |
| 81 | via the |
| 82 | .B ipq_errstr |
| 83 | function. |
| 84 | .SH BUGS |
| 85 | None known. |
| 86 | .SH AUTHOR |
| 87 | James Morris <jmorris@intercode.com.au> |
| 88 | .SH COPYRIGHT |
| 89 | Copyright (c) 2000 Netfilter Core Team. |
| 90 | .PP |
| 91 | Distributed under the GNU General Public License. |
| 92 | .SH SEE ALSO |
| 93 | .BR iptables (8), |
| 94 | .BR libipq (3). |
| 95 | |