I've been attempting to play with netfilter_queue to see how effective
a certain similarity hashing technique would work for identifying
parts of documents being sent out over the network, but I haven't had
much progress even getting the test program to work.
I can compile and link nfq_test.c fine, using both the old versions of
libnfnetfiler and libnetfilter_queue available from ubuntu's apt, and
by using the newest released versions compiled from source.
However, in any case when I run the compiled nfq_test, the program
seems to do nothing after setting the packet copy mode. So it seems
to me as if it is perpetually waiting for a packet to be sent over the
netlink, but one never arrives, no matter how much network traffic I
have.
Am I missing some vital piece of setup? When I run nfq_test, there
are two netfilter modules loaded. Should there be more? Do they need
to be configured somehow? Is this the expected behavior?
I have tested this both on my ubuntu install and on a friend's debian,
both machines exhibit the same behavior. Any help is certainly
appreciated.
a certain similarity hashing technique would work for identifying
parts of documents being sent out over the network, but I haven't had
much progress even getting the test program to work.
I can compile and link nfq_test.c fine, using both the old versions of
libnfnetfiler and libnetfilter_queue available from ubuntu's apt, and
by using the newest released versions compiled from source.
However, in any case when I run the compiled nfq_test, the program
seems to do nothing after setting the packet copy mode. So it seems
to me as if it is perpetually waiting for a packet to be sent over the
netlink, but one never arrives, no matter how much network traffic I
have.
Am I missing some vital piece of setup? When I run nfq_test, there
are two netfilter modules loaded. Should there be more? Do they need
to be configured somehow? Is this the expected behavior?
I have tested this both on my ubuntu install and on a friend's debian,
both machines exhibit the same behavior. Any help is certainly
appreciated.