Metadata-Version: 2.1
Name: fnfqueue
Version: 1.1.0
Summary: Fast python library encapsulating the nfqueue netlink interface.
Home-page: https://github.com/notti/fnfqueue
Author: Gernot Vormayr
Author-email: gvormayr@gmail.com
License: MIT
Description: fnfqueue
        ========
        
        [![Build Status](https://travis-ci.org/notti/fnfqueue.svg?branch=master)](https://travis-ci.org/notti/fnfqueue)
        [![Python Versions](https://img.shields.io/pypi/pyversions/fnfqueue.svg)](https://pypi.org/project/fnfqueue/)
        [![PyPI - License](https://img.shields.io/pypi/l/fnfqueue.svg)](https://pypi.org/project/fnfqueue/)
        
        Fast netfilter nfqueue python and C interface. Gets the speed from
        - avoiding memory allocation
        - batching reads (uses `recv_mmsg`)
        
        It also does not use the callback-like interface of libnetfilter-queue and provides a more python like iterator interface. Additionally, it doesn't assume anything and therefore doesn't automatically set verdicts on packets (unlike python-nfqueue in debian which accepts everything after you return from the callback...)
        
        It can handle `ping -f` (even `iperf` if the moon is in the right spot) to localhost from within python.
        
        Focus is on a python like interface.
        
        Short example for mangling packets:
        ```bash
        iptables -A OUTPUT <filter here> -j NFQUEUE --queue-num 1
        ```
        
        ```python
        import fnfqueue
        
        queue = 1
        conn = fnfqueue.Connection()
        
        try:
            q = conn.bind(queue)
            q.set_mode(0xffff, fnfqueue.COPY_PACKET)
        except PermissionError:
            print("Access denied; Do I have root rights or the needed capabilities?")
            sys.exit(-1)
        
        while True:
            try:
                for packet in conn:
                    packet.payload = packet.payload # modify the packet here
                    packet.mangle()
            except fnfqueue.BufferOverflowException:
                print("buffer error")
                pass
        
        conn.close() # this can be called concurrently to cancel the above for loop
        ```
        
        Help is provided as python docs.
        
        No C libraries are needed. Needs cffi for building. Kernel and libc must be recent enough to support `nfqueue` and `recvmmsg` (linux 2.6.33, glibc 2.12 - more recent kernels provide better performance).
        
Keywords: nfqueue netfilter netlink iptables firewall mangle
Platform: UNKNOWN
Classifier: Development Status :: 5 - Production/Stable
Classifier: Environment :: Other Environment
Classifier: Intended Audience :: Developers
Classifier: Intended Audience :: Telecommunications Industry
Classifier: Intended Audience :: Information Technology
Classifier: License :: OSI Approved :: MIT License
Classifier: Operating System :: POSIX :: Linux
Classifier: Programming Language :: C
Classifier: Programming Language :: Python
Classifier: Programming Language :: Python :: 2
Classifier: Programming Language :: Python :: 2.7
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.4
Classifier: Programming Language :: Python :: 3.5
Classifier: Programming Language :: Python :: 3.6
Classifier: Programming Language :: Python :: 3.7
Classifier: Programming Language :: Python :: Implementation :: PyPy
Classifier: Topic :: Internet
Classifier: Topic :: Security
Classifier: Topic :: Software Development :: Libraries
Classifier: Topic :: System :: Operating System Kernels :: Linux
Description-Content-Type: text/markdown
