Listing 1. NF_QUEUE Boilerplate Code in C

struct nfnl_handle *nh;
struct nfq_handle *h;
int ec, fd, rv;
char buf[1500];

// 1) Open library handle. For space reasons, the
//    error checking is not shown.

h = nfq_open();

// 2) Unbind existing nf_queue handler for AF_INET.
//    Ignore return code for 2.6.23 kernel.
//    See Resources for link.

ec = nfq_unbind_pf(h, AF_INET);

// 3) Bind the queue connection handle.

ec =  nfq_bind_pf(h, AF_INET);

// 4) Create queue, bind to queue 0 since that is
//    what the default QUEUE target in iptables
//    expects, specify callback function.

qh = nfq_create_queue(h, 0, &nfqueue_cb, NULL);

// 5) Set the amount of data to be copied to
// userspace for each packet sent to the queue.

nfq_set_mode(qh, NFQNL_COPY_PACKET, 0xffff);

// Get the netlink handle associated with the queue
// connection handle.

nh = nfq_nfnlh(h);

// Get a file descriptor for the netlink handle.

fd = nfnl_fd(nh);

// Packet loop.

while ((rv = recv(fd, buf, sizeof(buf), 0)) &&
        rv >= 0) {
  nfq_handle_packet(h, buf, rv);
  }