Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / iptables / 69f564e3890976461de0016cd81171ff8bfa8353 / . / libipq / ipq_set_verdict.3
blob: 002e9fba70c6263908187c4a1a5976d410d666c9 [file] [log] [blame]
James Morris460c7472001-10-16 14:41:02 +0000[diff] [blame]1.TH IPQ_SET_VERDICT 3 "16 October 2001" "Linux iptables 1.2" "Linux Programmer's Manual"
James Morris949810c2000-11-20 14:13:31 +0000[diff] [blame]2.\"
James Morris460c7472001-10-16 14:41:02 +0000[diff] [blame]3.\" $Id: ipq_set_verdict.3,v 1.1 2000/11/20 14:13:32 jamesm Exp $
James Morris949810c2000-11-20 14:13:31 +0000[diff] [blame]4.\"
James Morris460c7472001-10-16 14:41:02 +0000[diff] [blame]5.\" Copyright (c) 2000-2001 Netfilter Core Team
James Morris949810c2000-11-20 14:13:31 +0000[diff] [blame]6.\"
7.\" This program is free software; you can redistribute it and/or modify
8.\" it under the terms of the GNU General Public License as published by
9.\" the Free Software Foundation; either version 2 of the License, or
10.\" (at your option) any later version.
11.\"
12.\" This program is distributed in the hope that it will be useful,
13.\" but WITHOUT ANY WARRANTY; without even the implied warranty of
14.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15.\" GNU General Public License for more details.
16.\"
17.\" You should have received a copy of the GNU General Public License
18.\" along with this program; if not, write to the Free Software
19.\" Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
20.\"
21.\"
22.SH NAME
23ipq_set_verdict - issue verdict and optionally modified packet to kernel
24.SH SYNOPSIS
25.B #include <linux/netfilter.h>
26.br
27.B #include <libipq.h>
28.sp
29.BI "int ipq_set_verdict(const struct ipq_handle *" h ", ipq_id_t " id ", unsigned int " verdict ", size_t " data_len ", unsigned char *" buf ");"
30.SH DESCRIPTION
31The
32.B ipq_set_verdict
33function issues a verdict on a packet previously obtained with
34.BR ipq_read ,
35specifing the intended disposition of the packet, and optionally
36supplying a modified version of the payload data.
37.PP
38The
39.I h
40parameter is a context handle which must previously have been returned
41successfully from a call to
42.BR ipq_create_handle .
43.PP
44The
45.I id
46parameter is the packet identifier obtained via
47.BR ipq_get_packet .
48.PP
49The
50.I verdict
51parameter must be one of:
52.TP
53.B NF_ACCEPT
54Accept the packet and continue traversal within the kernel.
55.br
56.TP
57.B NF_DROP
58Drop the packet.
Jan Engelhardt7e6fe432009-02-12 14:48:59 +0100[diff] [blame]59.TP
60\fBNF_QUEUE\fP
61Requeue the packet.
62.PP
63\fBNF_STOLEN\fP and \fBNF_REPEAT\fP are kernel-internal constants and should
64not be used from userspace as their exact side effects have not been
65investigated.
James Morris949810c2000-11-20 14:13:31 +0000[diff] [blame]66.PP
67The
68.I data_len
69parameter is the length of the data pointed to
70by
71.IR buf ,
72the optional replacement payload data.
73.PP
74If simply setting a verdict without modifying the payload data, use zero
75for
76.I data_len
77and NULL for
78.IR buf .
79.PP
80The application is responsible for recalculating any packet checksums
81when modifying packets.
82.SH RETURN VALUE
83On failure, -1 is returned.
84.br
85On success, a non-zero positive value is returned.
86.SH ERRORS
87On error, a descriptive error message will be available
88via the
89.B ipq_errstr
90function.
91.SH BUGS
92None known.
93.SH AUTHOR
94James Morris <jmorris@intercode.com.au>
95.SH COPYRIGHT
James Morris460c7472001-10-16 14:41:02 +0000[diff] [blame]96Copyright (c) 2000-2001 Netfilter Core Team.
James Morris949810c2000-11-20 14:13:31 +0000[diff] [blame]97.PP
98Distributed under the GNU General Public License.
99.SH SEE ALSO
100.BR iptables (8),
101.BR libipq (3).
102