Hi folks, I'm trying to find a possibility to filter incoming packets in PF_RING (using hash or wildcard rules, or BPF, doesn't matter) and then relay the packets that pass the filter to my userspace application. However, inside the application I need to know which rule has caused the packet to be relayed. So basically I'm looking for a functionality like NFQUEUE.
Looking through the PF_RING documentation, I see only 2 possibilities, either of which I would describe as a hack: - register a number of almost identical plugins with a number of filtering rules, with the difference being that each plugin somehow adds its respective ID to the packet before forwarding to userspace - implement filters in userspace, basically filtering again after the packet has already been relayed Can anyone think of a better way? Am I missing something? Cheers, Randy
_______________________________________________ Ntop-misc mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop-misc
