Netfilter NFLOG high-level bindings
C CMake Makefile
Switch branches/tags
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.
examples Add example using scapy ( Aug 25, 2016
python Python: do not print() error, it is raised Aug 25, 2016
.travis.yml Add Travis CI integration Jul 24, 2016
CMakeLists.txt cmake: change deprecated macro UsePkgConfig to FindPkgConfig Aug 5, 2015
ChangeLog Prepare ChangeLog for release 0.3 Jul 26, 2016
INSTALL Fix some references to nfqueue Jan 5, 2009
Makefile Add Travis CI integration Jul 24, 2016
exception.c Really raise exception on error Aug 23, 2016
libnetfilter_log.i Wrap nflog_set_mode() Aug 25, 2016
nflog.h Change API to allow teardown from within callback function (try_run -… Dec 23, 2015
nflog_common.h Wrap nflog_set_mode() Aug 25, 2016
nflog_utils.c Initial version Jan 4, 2009
nflog_utils.h Initial version Jan 4, 2009
nflog_version.h.cmake Initial version Jan 4, 2009


Build Status


nflog-bindings was written to provide an interface in high-level languages such as Perl or Python to libnetfilter_log. The goal is to provide a library to gain access to packets queued by the kernel packet filter.

It is important to note that these bindings will not follow blindly libnetfilter_log API. For ex., some higher-level wrappers will be provided for the open/bind/create mechanism (using one function call instead of three).

Since libraries to decode ip packets are already available, the bindings will use them.

Remember that an application connection to libnetfilter_log must run as root to be able to create the queue. Some extra steps may be required to drop privileges after if you need more security.


You must add rules in netfilter to send packets to the userspace queue. The number of the queue (--nflog-group option in netfilter) must match the number provided to create_queue().

Example of iptables rules::

iptables -A OUTPUT --destination -j NFLOG --nflog-group 1

Of course, you should be more restrictive, depending on your needs.