I have a rule configured to remove udp / tcp packages with the corresponding lines. however, my program that captures a package using libpcap can still see this package.
Why is this / what should the iptable rules be for removing packages before it sees libpcap?
In any case, it is possible, in addition to the iptables rules, that you need to remove this package before libpcap / tcpdump sees it?
Yes, libpcap sees all the packages. . They are captured before being filtered.
? , , libpcap .
* , linux *
EDIT: Libpcap - . linux , netfilter.
libpcap netfilter, netfilter - , , , . ? , libpcap netfilter, iptables. , , netfilter, . , libpcap .
Source: https://habr.com/ru/post/1707764/More articles:что бы вы сделали на шахматной доске? (позиция позиции) - algorithmStored output parameter proc + Choose not to send the return output parameter - c #Grid with too many columns on a fixed-width site - asp.netКак проверить, существует ли временная таблица в SQL Anywhere? - sqlHow to get background color of loaded swf? - flexDraw a line of length X, given by a point in space, and the vector - mathConvert DOM Node or document to XML in JavaScript - javascriptHow to get background color of downloaded SWF file? - actionscriptJavascript performance measurement in IE - javascriptФормы IE6: фокус отключен в полях ввода? (Несколько IE после IE8) - internet-explorerAll Articles