NFQUEUE target

The NFQUEUE target is used much the same way as the QUEUE target, and is basically an extension of it. The NFQUEUE target allows for sending packets for separate and specific queues. The queue is identified by a 16-bit id.

This target requires the nfnetlink_queue kernel support to run. For more information on what you can do with the NFQUEUE target, see the QUEUE target.

Table 11-12. NFQUEUE target options

Option--queue-num
Exampleiptables -t nat -A PREROUTING -p tcp --dport 80 -j NFQUEUE --queue-num 30
ExplanationThe --queue-num option specifies which queue to use and to send the queue'd data to. If this option is skipped, the default queue 0 is used. The queue number is a 16 bit unsigned integer, which means it can take any value between 0 and 65535. The default 0 queue is also used by the QUEUE target.

Note

Works under Linux kernel 2.6.14 and later.