libnetfilter_queue is a userspace library providing an API to packets that have been queued by the kernel packet filter. It is is part of a system that deprecates the old ip_queue / libipq mechanism.
libnetfilter_queue homepage is: http://netfilter.org/projects/libnetfilter_queue/
libnetfilter_queue requires libnfnetlink and a kernel that includes the nfnetlink_queue subsystem (i.e. 2.6.14 or later).
- receiving queued packets from the kernel nfnetlink_queue subsystem
- issuing verdicts and/or reinjecting altered packets to the kernel nfnetlink_queue subsystem
The current development version of libnetfilter_queue can be accessed at https://git.netfilter.org/cgi-bin/gitweb.cgi?p=libnetfilter_queue.git;a=summary.
To write your own program using libnetfilter_queue, you should start by reading the doxygen documentation (start by LibrarySetup
page) and nfqnl_test.c