ipq_set_verdict - issue verdict and optionally modified packet to
int ipq_set_verdict(const struct ipq_handle *h, ipq_id_t id, unsigned
int verdict, size_t data_len, unsigned char *buf);
The ipq_set_verdict function issues a verdict on a packet previously
obtained with ipq_read, specifing the intended disposition of the
packet, and optionally supplying a modified version of the payload
The h parameter is a context handle which must previously have been
returned successfully from a call to ipq_create_handle.
The id parameter is the packet identifier obtained via ipq_get_packet.
The verdict parameter must be one of:
Accept the packet and continue traversal within the kernel.
Drop the packet.
Requeue the packet.
NF_STOLEN and NF_REPEAT are kernel-internal constants and should not be
used from userspace as their exact side effects have not been
The data_len parameter is the length of the data pointed to by buf, the
optional replacement payload data.
If simply setting a verdict without modifying the payload data, use
zero for data_len and NULL for buf.
The application is responsible for recalculating any packet checksums
when modifying packets.
On failure, -1 is returned.
On success, a non-zero positive value is returned.
On error, a descriptive error message will be available via the
James Morris <firstname.lastname@example.org>
Copyright (c) 2000-2001 Netfilter Core Team.
Distributed under the GNU General Public License.