Hi everybody,
I have to write a module for matching in netfilter , extending the netfilter but I'm facing some problems can somebody guide me in that. I know that I need to write matching module working in kernel space and a program in userspace. I went through the HOWTO on netfilter-hacking but faced following problems :
-
In kernel module how is match function different from checkentry function (I got this confusion because a 0 return in checkentry and setting hotdrop to 1 seemed to do same thing). Please explain the meaning of each function elaborately.
-
As described in the HOWTO there is a structure in header file iptables.h that I need for program in userspace but I'm not able to locate this headerfile where can I find it.
If possible please send me an example of any module with both the kernel module and program for taking user input in userspace.
Thanks in advance.