Using NetFilterSDK API
API has two interfaces for using from C++ and C code, switched by defining the symbol _C_API.
By default the library allows all network activity and bypasses the data packets
without filtering. The client application must create one or more rules using API to specify what network activity must be filtered.
- Implement the methods of NF_EventHandler
by defining a class derived from this interface.
- Initialize API with a call to nf_init
the filtering session name and the pointer to an object of class derived from NF_EventHandler.
- Add the filtering rules using nf_setRules
- Handle API notifications in overridden NF_EventHandler methods. The library calls
these methods from a separate thread, so synchronization is required in case if the
same data are simultaneously accessed from the other threads. It is possible to
save the copies of indicated data buffers and send the filtered data back to destination
from any thread later.
- To remove the rules and disable filtering new connections call
. The library continues indicating events for active TCP connections
in this case until they close, because the filtering flag is assigned when a connection
is establishing, and remains active during the connection lifetime.
- Call nf_free
to stop the filtering and free the library internal structures.
Sample code: samples\PassThrough
- Define the symbol _C_API before including nfapi_linux.h and link with the correspondent
build of nfproxy.a.
- For C projects NF_EventHandler is defined as a structure with the pointers to
event handler functions.
Everything else is the same as for C++.