Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / iptables / b8646dc9623631db3b71a5c1846566cf54a66a3a / . / libipq / ipq_set_verdict.3
blob: 7771ed6a8593620ecc2095fc9d8b2aec9da99926 [file] [log] [blame]
James Morris460c7472001-10-16 14:41:02 +0000[diff] [blame]1.TH IPQ_SET_VERDICT 3 "16 October 2001" "Linux iptables 1.2" "Linux Programmer's Manual"
James Morris949810c2000-11-20 14:13:31 +0000[diff] [blame]2.\"
James Morris460c7472001-10-16 14:41:02 +0000[diff] [blame]3.\" Copyright (c) 2000-2001 Netfilter Core Team
James Morris949810c2000-11-20 14:13:31 +0000[diff] [blame]4.\"
5.\" This program is free software; you can redistribute it and/or modify
6.\" it under the terms of the GNU General Public License as published by
7.\" the Free Software Foundation; either version 2 of the License, or
8.\" (at your option) any later version.
9.\"
10.\" This program is distributed in the hope that it will be useful,
11.\" but WITHOUT ANY WARRANTY; without even the implied warranty of
12.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13.\" GNU General Public License for more details.
14.\"
15.\" You should have received a copy of the GNU General Public License
16.\" along with this program; if not, write to the Free Software
17.\" Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
18.\"
19.\"
20.SH NAME
Jan Engelhardt352ccfb2009-08-20 17:15:22 +0200[diff] [blame]21ipq_set_verdict \(em issue verdict and optionally modified packet to kernel
James Morris949810c2000-11-20 14:13:31 +0000[diff] [blame]22.SH SYNOPSIS
23.B #include <linux/netfilter.h>
24.br
25.B #include <libipq.h>
26.sp
27.BI "int ipq_set_verdict(const struct ipq_handle *" h ", ipq_id_t " id ", unsigned int " verdict ", size_t " data_len ", unsigned char *" buf ");"
28.SH DESCRIPTION
29The
30.B ipq_set_verdict
31function issues a verdict on a packet previously obtained with
32.BR ipq_read ,
33specifing the intended disposition of the packet, and optionally
34supplying a modified version of the payload data.
35.PP
36The
37.I h
38parameter is a context handle which must previously have been returned
39successfully from a call to
40.BR ipq_create_handle .
41.PP
42The
43.I id
44parameter is the packet identifier obtained via
45.BR ipq_get_packet .
46.PP
47The
48.I verdict
49parameter must be one of:
50.TP
51.B NF_ACCEPT
52Accept the packet and continue traversal within the kernel.
53.br
54.TP
55.B NF_DROP
56Drop the packet.
Jan Engelhardt7e6fe432009-02-12 14:48:59 +0100[diff] [blame]57.TP
58\fBNF_QUEUE\fP
59Requeue the packet.
60.PP
61\fBNF_STOLEN\fP and \fBNF_REPEAT\fP are kernel-internal constants and should
62not be used from userspace as their exact side effects have not been
63investigated.
James Morris949810c2000-11-20 14:13:31 +0000[diff] [blame]64.PP
65The
66.I data_len
67parameter is the length of the data pointed to
68by
69.IR buf ,
70the optional replacement payload data.
71.PP
72If simply setting a verdict without modifying the payload data, use zero
73for
74.I data_len
75and NULL for
76.IR buf .
77.PP
78The application is responsible for recalculating any packet checksums
79when modifying packets.
80.SH RETURN VALUE
Jan Engelhardt352ccfb2009-08-20 17:15:22 +0200[diff] [blame]81On failure, \-1 is returned.
James Morris949810c2000-11-20 14:13:31 +0000[diff] [blame]82.br
83On success, a non-zero positive value is returned.
84.SH ERRORS
85On error, a descriptive error message will be available
86via the
87.B ipq_errstr
88function.
89.SH BUGS
90None known.
91.SH AUTHOR
92James Morris <jmorris@intercode.com.au>
93.SH COPYRIGHT
James Morris460c7472001-10-16 14:41:02 +0000[diff] [blame]94Copyright (c) 2000-2001 Netfilter Core Team.
James Morris949810c2000-11-20 14:13:31 +0000[diff] [blame]95.PP
96Distributed under the GNU General Public License.
97.SH SEE ALSO
98.BR iptables (8),
99.BR libipq (3).
100