@@ -26,7 +26,6 @@ The following script prints a short description of each packet before accepting
2626 except KeyboardInterrupt:
2727 print
2828
29-
3029To send packets destined for your LAN to the script, type something like::
3130
3231 iptables -I INPUT -d 192.168.0.0/24 -j NFQUEUE --queue-num 1
@@ -164,7 +163,33 @@ The fields are:
164163Limitations
165164===========
166165
167- TODO: fix this up
166+ More details coming soon...
167+
168+ * Compiled with a 4096-byte buffer for packets, so it probably won't work on
169+ loopback or Ethernet with jumbo packets. If this is a problem, either lower
170+ MTU on your loopback, disable jumbo packets, or get Cython,
171+ change ``DEF BufferSize = 4096 `` in ``netfilterqueue.pyx ``, and rebuild.
172+ * Full libnetfilter_queue API is not yet implemented:
173+
174+ * Omits ``packet.set_payload() `` for altering packet data
175+ * Omits methods for getting information about the interface a packet has
176+ arrived on or is leaving on
177+ * Probably other stuff is omitted too
178+
179+ * When a packet has been marked, we use nfq_set_verdict_mark rather than
180+ nfq_set_verdict2. Apparently nfq_set_verdict_mark
181+ `is broken <http://netfilter.org/projects/libnetfilter_queue/doxygen/group__Queue.html#ga1986d6387c5aa2a837c02e87ae3b45ff >`_,
182+ although it works for me.
183+
184+ Source
185+ ======
186+
187+ https://github.com/kti/python-netfilterqueue
188+
189+ License
190+ =======
191+
192+ Copyright (c) 2011, Kerkhoff Technologies, Inc.
193+ All rights reserved.
168194
169- * compiled to max 2048-byte packets, so won't work on LO?
170- * full API not implemented: omits set_payload(), interface methods, and what else?
195+ Licensed under `BSD <https://github.com/kti/python-netfilterqueue/blob/master/LICENSE.txt >`_
0 commit comments