int ipq_set_verdict(const struct ipq_handle *h, ipq_id_t id, unsigned int verdict, size_t data_len, unsigned char *buf);
function issues a verdict on a packet previously obtained with
specifing the intended disposition of the packet, and optionally
supplying a modified version of the payload data.
parameter is a context handle which must previously have been returned
successfully from a call to
parameter is the packet identifier obtained via
parameter must be one of:
Accept the packet and continue traversal within the kernel.
Drop the packet.
Requeue the packet.
NF_STOLEN and NF_REPEAT are kernel-internal constants and should
not be used from userspace as their exact side effects have not been
parameter is the length of the data pointed to
the optional replacement payload data.
If simply setting a verdict without modifying the payload data, use zero
and NULL for
The application is responsible for recalculating any packet checksums
when modifying packets.
On failure, -1 is returned.
On success, a non-zero positive value is returned.
On error, a descriptive error message will be available