1

I found an example about intercepting IPv6 packets using netfilter along with libipq library.

It begins by declaring and creating an ipq_handle structure:

struct ipq_handle *h;
h = ipq_create_handle(0, NFPROTO_IPV6);
if (!h) die(h);

The corresponding die() function is like the following

static void die(struct ipq_handle *h)
ipq_error("Passer");
ipq_destroy_handle(h);
exit(1);

However, the program fails to run properly generating the following:

Passer: Unable to create netlink socket: Protocol not supported

Anyone knows the likely cause of the problem?

Mouad
  • 137
  • 1
  • 3
  • 11
  • Do you have IPv6 enabled in the operating system? – Michael Hampton Apr 29 '13 at 16:25
  • Obvious answer: IPv6 is not supported in that version? – Steve-o Apr 29 '13 at 17:06
  • I'm using ubuntu 12.04 on my virtual machines. I guess IPv6 is enabled by default. Actually I configured global IPv6 addresses and managed to send IPv6 UDP sockets before attempting to use netlink sockets! – Mouad Apr 30 '13 at 07:48
  • I think you need the ip6_queue kernel module. Its not part of my ubuntu 13.04 default desktop install at least. Edit: maybe I am a bit out of date: http://lxr.linux.no/#linux+v3.9/Documentation/ABI/removed/ip_queue (I hope the libipq devs are not) – thuovila Apr 30 '13 at 10:23
  • @thuovila Apparently it was deprecated! – Mouad Apr 30 '13 at 11:06

1 Answers1

3

Along with ip(6)_queue, libipq has been deprecated. Quoting from the Wikipedia article:

Libipq has been deprecated in favour of the newer libnetfilter_queue in Linux kernel-2.6.14 onwards.

alexwlchan
  • 5,699
  • 7
  • 38
  • 49
thuovila
  • 1,960
  • 13
  • 21