I am writing an application using libnetfilter_queue that should perform the following function
- Receives packets from NFQUEUE
- Apply a decryption algorithm to packets
- Issue an ACCEPT verdict for decrypted packets
These packets are destined to another box behind the firewall running the above mentioned application.
I intend on siphoning out network packets at the PREROUTING chain of the Mangle table by using
iptables -t mangle -A PREROUTING -i eth0 -j NFQUEUE
1) I would like to know if the PREROUTING chain in the mangle table is an appropriate place to pick off the encrypted packets ?
2) Once the ACCEPT verdict is issued will the modified packets resume processing along the PREROUTING chain of the mangle table ?
3) Is there a well documented reference for API's that i will need to use while developing this application ?
Thanks in advance,