I have a simple emulator which receives queued packets from the kernel nfnetlink_queue subsystem. Handling of incoming packets can be done via a loop using recv() function:
(for more info, see here. An example code is here: http://www.netfilter.org/projects/libnetfilter_queue/doxygen/nfqnl__test_8c_source.html)
fd = nfq_fd(h);
while ((rv = recv(fd, buf, sizeof(buf), 0)) >= 0) {
printf("pkt received\n");
nfq_handle_packet(h, buf, rv);
}
What does recv() function return? I am facing with a strange issue: When it is working correctly, recv() returns 1552, suddenly it gets 120, and for the next iteration, it gets -1 which mean no packet. In the case that we have are continuously sending packets, so -1, or no packets to read shall not be correct!! Any opinions?
recv() may return -1 and errno is set to ENOBUFS in case your application is not fast enough to retrieve the packets from the kernel. In that case, you can increase the socket buffer size by means of nfnl_rcvbufsiz(). Although this delays ENOBUFS errors, you may hit it again sooner or later.
Source: libnetfilter_queue Documentation