• Description of nfqueue

nfqueue is a tiny wrapper around libnetfilter_queue. It allows you to do some packet filtering very simply in a Ruby environment.

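For example, to attach to queue #0:

    require 'nfqueue'

    # Send outgoing TCP traffic to port 80 into NFQUEUE queue 0.
    system('sudo iptables -A OUTPUT -p tcp --dport 80 -j NFQUEUE --queue-num 0')

    # The block runs for each queued packet; its return value is the verdict.
    Netfilter::Queue.create(0) do |packet|
      puts "Inspecting packet ##{packet.id}"
      p packet.data
      Netfilter::Packet::ACCEPT
    end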

You need kernel support for NFQUEUE and libnetfilter_queue installed for it to work.
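An added example, not part of the nfqueue project: verdict logic for the packet.data string delivered by the port-80 rule above, allowing only HTTP requests whose Host header is on an allowlist and dropping anything that does not parse. The names tcp_payload, verdict_for, sample_packet and ALLOWED_HOSTS are hypothetical, and the Netfilter::Packet::DROP constant in the closing comment is an assumption to check against the gem (only ACCEPT appears on this page).

```ruby
# Added example: decides a verdict from the raw bytes in packet.data.
# Pure Ruby; runs without the nfqueue gem, root or iptables.
ALLOWED_HOSTS = %w[example.org].freeze # constructed allowlist (assumption)

# NFQUEUE payloads start at the IP header. Returns the TCP payload,
# or nil if the bytes are not well-formed IPv4/TCP.
def tcp_payload(raw)
  raw = raw.b
  return nil if raw.bytesize < 20
  ihl = (raw.getbyte(0) & 0x0f) * 4 # IPv4 header length in bytes
  return nil unless raw.getbyte(0) >> 4 == 4 && raw.getbyte(9) == 6 && ihl >= 20
  return nil if raw.bytesize < ihl + 20
  doff = (raw.getbyte(ihl + 12) >> 4) * 4 # TCP header length in bytes
  return nil if doff < 20 || raw.bytesize < ihl + doff
  raw[(ihl + doff)..]
end

# Returns :accept or :drop for one queued packet.
def verdict_for(raw)
  data = tcp_payload(raw)
  return :drop if data.nil? # fail closed on input we cannot parse
  # Segments that do not start an HTTP/1.x request (SYN, ACK, body data) pass.
  return :accept unless data.match?(/\A[A-Z]+ \S+ HTTP\/1\.[01]\r\n/)
  host = data[/^Host:[ \t]*([^\r\n:]+)/i, 1] # port suffix is ignored
  host && ALLOWED_HOSTS.include?(host.strip.downcase) ? :accept : :drop
end

# Constructed sample: minimal IPv4 + TCP headers (checksums left 0) and a GET.
def sample_packet(host)
  http = "GET / HTTP/1.1\r\nHost: #{host}\r\n\r\n".b
  ip  = [0x45, 0, 40 + http.bytesize, 0, 0, 64, 6, 0,
         0x0a000001, 0x0a000002].pack('CCnnnCCnNN')
  tcp = [40_000, 80, 1, 1, 0x50, 0x18, 65_535, 0, 0].pack('nnNNCCnnn')
  ip + tcp + http
end

# Hook-up with the API shown on this page (DROP is an assumed constant name):
#   Netfilter::Queue.create(0) do |packet|
#     if verdict_for(packet.data) == :accept
#       Netfilter::Packet::ACCEPT
#     else
#       Netfilter::Packet::DROP
#     end
#   end
```

The check looks at one packet at a time with no TCP reassembly, so it only covers requests whose request line and Host header arrive in the same segment.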

  • Dependencies

nfqueue depends on ffi (github.com/ffi/ffi/wiki/)

  • Contact

Guillaume Delugré, guillaume at security-labs dot org