[prev in list] [next in list] [prev in thread] [next in thread] 

List:       netfilter-devel
Subject:    Re: [PATCH] ct-event API port to 2.6.11
From:       Pablo Neira <pablo () eurodev ! net>
Date:       2005-04-08 12:46:13
Message-ID: 42567D15.8090102 () eurodev ! net
[Download RAW message or body]

Amin Azez wrote:
> Thanks for the patches Pablo, they seemed to do the trick.
> ctnl_del_conntrack has been expanded to 3 args, should I be using 
> CTA_UNSPEC or CTA_ORIG or CTA_STATUS as the 3rd arg on line 118 of 
> ctnltest.c?

+int ctnl_del_conntrack(struct ctnl_handle *cth,
+                      struct ip_conntrack_tuple *tuple,
+                      enum ctattr_type_t t)

The 3rd arguments says if you're referring to CTA_ORIG or CTA_RPLY. So 
you can kill conntracks based on the direction.

This stuff is under development so nobody can't assure that the API will 
change in future.

> ctnl_del_conntrack(cth, NFA_DATA(cb[CTA_ORIG]),XXXXX);
> 
> For the record, to help those who follow, to get libctnetlink and 
> libnfnetlink working, here are the instructions.
> 
> 1) unpack the pristine kernel sources of 2.6.11
> 2) apply pablos patches from 
> http://people.netfilter.org/pablo/patches/nfnetlink-conntrack-0.50-2.6.11/
> 3) build and install your kernel & modules with all the right NF options 
> enabled
> 4) unpack a recent libctnetlink from 
> ftp://ftp.netfilter.org/pub/libctnetlink/snapshot/
> 5) run:
>   automake-1.4
>   autoconf
> 6) unpack a recent libnfnetlink from 
> ftp://ftp.netfilter.org/pub/libnfnetlink/snapshot/
> make a symlink from libnfnetlink-2005xxxx to libnfnetlink so that 
> libctnetlink can find it
> 7) run:
>   automake-1.4
>   autoconf
> 8) inside the libctnetlink dir
> ./configure
> make
> make install
> 9) inside the libnfnetlink dir
> ./configure
> make
> make install

Thanks, people surely would appreciate this to save time.

> Attached is my candidate patch for ctnltest.c which can be compiled with:

fix ctnl_del_conntrack, CTA_UNSPEC isn't ok as 3rd param.

--
Pablo

[prev in list] [next in list] [prev in thread] [next in thread]