When I use 'nfq_get_payload(nfqData, &data);' and then print 'data', all I get are E's. Is there something else that I should be doing to get the payload?

    ret = nfq_get_payload(nfqData, &data);
    if (ret >= 0)
        printf("payload_len=%d \nPayload: %s", ret, data);
user849336

1 Answer

The data parameter is of type char**, which in this case we can think of as a pointer to a list of chars. The call sets data to the list of chars of the packet. However, even though a "C string" is also of type char*, the data returned here is not a C string because it has embedded nulls. If you try to print it with %s you'll only get data up to the first null.

I bet you're getting an IP packet, because the first byte of an IP packet header is nearly always 0x45, which in ASCII is the letter 'E'. This is followed by a TOS field, which is almost always 0, or NULL. This 0x45,0x00 is a valid C string and is why you're getting an E.

You really want to use the return value, ret, as a loop counter and print each byte of the packet:

for (int i = 0; i < ret; i++) {
    /* cast so bytes >= 0x80 are not sign-extended when data is a char buffer */
    printf(" 0x%02X ", (unsigned char)data[i]);
}

Take a look at "Why does printf not print out just one byte when printing hex?" for a discussion of printing buffers.

Paul Rubel
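
An added example, not part of the answer above: it shows why `%s` stops after the `E` and how to dump the payload by length instead. The byte array is a constructed IPv4 header standing in for the buffer and length returned by `nfq_get_payload`, and the helper names (`printable_prefix`, `hex_dump`, `ipv4_header_len`) are hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample (not captured traffic): a 20-byte IPv4 header,
   192.0.2.1 -> 192.0.2.2, checksum left as zero. */
static const unsigned char sample_pkt[20] = {
    0x45, 0x00, 0x00, 0x14, 0xab, 0xcd, 0x40, 0x00, 0x40, 0x11,
    0x00, 0x00, 0xc0, 0x00, 0x02, 0x01, 0xc0, 0x00, 0x02, 0x02
};

/* Number of bytes printf("%s") would show: everything before the first NUL. */
size_t printable_prefix(const unsigned char *buf, size_t len)
{
    const unsigned char *nul = memchr(buf, 0, len);
    return nul ? (size_t)(nul - buf) : len;
}

/* Write "xx " per byte into out, never overflowing it.
   Returns how many input bytes were formatted. */
size_t hex_dump(const unsigned char *buf, size_t len, char *out, size_t outsz)
{
    size_t i, used = 0;
    if (outsz == 0)
        return 0;
    out[0] = '\0';
    for (i = 0; i < len && outsz - used >= 4; i++)   /* 3 chars + NUL */
        used += (size_t)snprintf(out + used, outsz - used, "%02x ", buf[i]);
    return i;
}

/* IPv4 header length in bytes from the version/IHL byte, or -1 if the
   buffer does not look like IPv4 or is shorter than the header claims. */
int ipv4_header_len(const unsigned char *buf, size_t len)
{
    int ihl;
    if (len < 20 || (buf[0] >> 4) != 4)
        return -1;
    ihl = (buf[0] & 0x0f) * 4;
    return (ihl < 20 || (size_t)ihl > len) ? -1 : ihl;
}

int main(void)
{
    char line[3 * sizeof sample_pkt + 1];
    hex_dump(sample_pkt, sizeof sample_pkt, line, sizeof line);
    printf("%%s would show %zu byte(s)\n", printable_prefix(sample_pkt, sizeof sample_pkt));
    printf("header_len=%d\n%s\n", ipv4_header_len(sample_pkt, sizeof sample_pkt), line);
    return 0;
}
```

Validating the header length against the returned payload length before reading further fields keeps a truncated or malformed packet from causing an out-of-bounds read.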