github/portmaster
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Add experimental nfqueue interception backend

Browse Source 
This commit adds a new experimental nfqueue interception
backed based on github.com/florianl/go-nfqueue. It should
add more stability to the interception of network packets
and also eliminates the CGO and the runtime dependency on
libnetfilter_queue. Note that this commit does not remove
the old nfqueue backend yet but adds a --experimental-nfqueue
flag to portmaster-core.
This commit is contained in:
Patrick Pacher
2020-07-30 08:04:40 +02:00
parent 53b0ea4a7c
commit 0451e99431
6 changed files with 296 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
firewall/interception/nfqueue/nfqueue.go
View File

@@ -66,6 +66,11 @@ func NewNFQueue(qid uint16) (nfq *NFQueue, err error) {
return nfq, nil
}
// PacketChannel returns a packet channel
func (nfq *NFQueue) PacketChannel() <-chan packet.Packet {
return nfq.Packets
}
func (nfq *NFQueue) init() error {
var err error
if nfq.h, err = C.nfq_open(); err != nil || nfq.h == nil {