diff --git a/src/nm-netlink-monitor.c b/src/nm-netlink-monitor.c
index ba8053e..5ac39d3 100644
--- a/src/nm-netlink-monitor.c
+++ b/src/nm-netlink-monitor.c
@@ -177,40 +177,15 @@ link_msg_handler (struct nl_object *obj, void *arg)
 static int
 event_msg_recv (struct nl_msg *msg, void *arg)
 {
-	struct nl_sock *nlh = arg;
-	struct nlmsghdr *hdr = nlmsg_hdr (msg);
 	struct ucred *creds = nlmsg_get_creds (msg);
-	const struct sockaddr_nl *snl;
-	guint32 local_port;
-	gboolean accept_msg = FALSE;
-
-	/* Only messages sent from the kernel */
-	if (!creds || creds->uid != 0) {
-		nm_log_dbg (LOGD_HW, "ignoring netlink message from UID %d",
-		            creds ? creds->uid : -1);
-		return NL_SKIP;
-	}
-
-	snl = nlmsg_get_src (msg);
-	g_assert (snl);
-
-	/* Accept any messages from the kernel */
-	if (hdr->nlmsg_pid == 0 || snl->nl_pid == 0)
-		accept_msg = TRUE;
 
-	/* And any multicast message directed to our netlink PID, since multicast
-	 * currently requires CAP_ADMIN to use.
-	 */
-	local_port = nl_socket_get_local_port (nlh);
-	if ((hdr->nlmsg_pid == local_port) && snl->nl_groups)
-		accept_msg = TRUE;
-
-	if (accept_msg == FALSE) {
-		nm_log_dbg (LOGD_HW, "ignoring netlink message from PID %d (local PID %d, multicast %d)",
-		            hdr->nlmsg_pid,
-		            local_port,
-		            (hdr->nlmsg_flags & NLM_F_MULTI));
-		return NL_SKIP;
+	if (!creds || creds->pid || creds->uid || creds->gid) {
+		if (creds)
+			nm_log_dbg (LOGD_HW, "netlink: received non-kernel message (pid %d uid %d gid %d)",
+			            creds->pid, creds->uid, creds->gid);
+		else
+			nm_log_dbg (LOGD_HW, "netlink: received message without credentials");
+		return NL_STOP;
 	}
 
 	return NL_OK;
@@ -285,7 +260,7 @@ nlh_setup (struct nl_sock *nlh,
 {
 	int err;
 
-	nl_socket_modify_cb (nlh, NL_CB_MSG_IN, NL_CB_CUSTOM, event_msg_recv, cb_data);
+	nl_socket_modify_cb (nlh, NL_CB_MSG_IN, NL_CB_CUSTOM, event_msg_recv, NULL);
 
 	if (valid_func)
 		nl_socket_modify_cb (nlh, NL_CB_VALID, NL_CB_CUSTOM, valid_func, cb_data);