Linux repositories inspector


Linux iptables 1.2
16 October 2001
Aliases: ipq_get_msgerr(3), ipq_get_msgerr(3), ipq_get_msgerr(3), ipq_get_packet(3), ipq_get_packet(3), ipq_get_packet(3)


Tools for managing Linux kernel packet filtering capabilities


nftables compatibility for iptables, arptables and ebtables


Development files for the ip_queue kernel mechanism


ipq_message_type, ipq_get_packet, ipq_getmsgerr — query queue messages


#include <linux/netfilter.h>
#include <libipq.h>
int ipq_message_type(const unsigned char *buf);
ipq_packet_msg_t *ipq_get_packet(const unsigned char *buf);
int ipq_get_msgerr(const unsigned char *buf);


The ipq_message_type function returns the type of queue message returned to userspace via ipq_read.
ipq_message_type should always be called following a successful call to ipq_read to determine whether the message is a packet message or an error message. The buf parameter should be the same data obtained from the previous call to ipq_read.
ipq_message_type will return one of the following values:
An error message generated by the Netlink transport.
A packet message containing packet metadata and optional packet payload data.
The ipq_get_packet function should be called if ipq_message_type returns IPQM_PACKET. The buf parameter should point to the same data used for the call to ipq_message_type. The pointer returned by ipq_get_packet points to a packet message, which is declared as follows:
typedef struct ipq_packet_msg {
        unsigned long packet_id;        /* ID of queued packet */
        unsigned long mark;             /* Netfilter mark value */
        long timestamp_sec;             /* Packet arrival time (seconds) */
        long timestamp_usec;            /* Packet arrvial time (+useconds) */
        unsigned int hook;              /* Netfilter hook we rode in on */
        char indev_name[IFNAMSIZ];      /* Name of incoming interface */
        char outdev_name[IFNAMSIZ];     /* Name of outgoing interface */
        unsigned short hw_protocol;     /* Hardware protocol (network order) */
        unsigned short hw_type;         /* Hardware type */
        unsigned char hw_addrlen;       /* Hardware address length */
        unsigned char hw_addr[8];       /* Hardware address */
        size_t data_len;                /* Length of packet data */
        unsigned char payload[0];       /* Optional packet data */
} ipq_packet_msg_t;
Each of these fields may be read by the application. If the queue mode is IPQ_COPY_PACKET and the data_len value is greater than zero, the packet payload contents may be accessed in the memory following the ipq_packet_msg_t structure to a range of data_len.
The packet_id field contains a packet identifier to be used when calling ipq_set_verdict.
The ipq_get_msgerr function should be called if ipq_message_type returns NLMSG_ERROR. The buf parameter should point to the same data used for the call to ipq_message_type. The value returned by ipq_get_msgerr is set by higher level kernel code and corresponds to standard errno values.


None known.


James Morris <>


Copyright (c) 2000-2001 Netfilter Core Team.
Distributed under the GNU General Public License.


⇧ Top