Unable to Increase Queue Length After Updating to nfq_set_queue_maxlen

[binayak2587]

I am facing an issue while trying to increase the queue length in the Rust bindings for libnetfilter_queue. The existing API in lib.rs uses set_queuelen, but this is deprecated and no longer available. The recommended replacement is nfq_set_queue_maxlen, as per the man page.

Environment:

OS: Debian 12 (Bookworm) Libnetfilter-queue Version:

apt list --installed | grep libnetfilter-queue libnetfilter-queue-dev/stable,now 1.0.5-3 amd64 [installed] libnetfilter-queue1/stable,now 1.0.5-3 amd64 [installed] Current Code:

pub fn set_queuelen(&self, queuelen: u32) { assert!(!self.qqh.is_null()); unsafe { nfq_set_queuelen(self.qqh, queuelen); } } Issue: I replaced nfq_set_queuelen with nfq_set_queue_maxlen, built the crate locally, and tested it, but I am still unable to increase the queue length. The queue length remains limited despite applying the change.

Expected Behavior: The queue length should increase when using the updated API.

Steps Taken: Updated the Rust FFI bindings to use nfq_set_queue_maxlen instead of nfq_set_queuelen. Built and tested the crate locally. Verified that the function is being called correctly, but the queue length does not increase as expected.

04998.883969] nfnetlink_queue: nf_queue: full at 1024 entries, dropping packets(s) [104998.884100] nfnetlink_queue: nf_queue: full at 1024 entries, dropping packets(s) [104998.884141] nfnetlink_queue: nf_queue: full at 1024 entries, dropping packets(s) [104998.884193] nfnetlink_queue: nf_queue: full at 1024 entries, dropping packets(s)

Request for Help: Is there any additional configuration needed to make nfq_set_queue_maxlen work correctly? Could this be an issue with how the Rust bindings interact with the underlying C library? Any suggestions for debugging or workarounds would be appreciated.