1 #include <stdio.h> 2 #include <stdlib.h> 3 #include <string.h> 4 #include <errno.h> 5 #include <arpa/inet.h> 6 7 #include <libnetfilter_conntrack/libnetfilter_conntrack.h> 8 #include <libnetfilter_conntrack/libnetfilter_conntrack_tcp.h> 9 10 static int cb(enum nf_conntrack_msg_type type, 11 struct nf_conntrack *ct, 12 void *data) 13 { 14 char buf[1024]; 15 16 nfct_snprintf(buf, sizeof(buf), ct, NFCT_T_UNKNOWN, NFCT_O_DEFAULT, NFCT_OF_SHOW_LAYER3); 17 printf("%s\n", buf); 18 19 return NFCT_CB_CONTINUE; 20 } 21 22 int main(void) 23 { 24 int ret; 25 struct nfct_handle *h; 26 struct nf_conntrack *ct; 27 28 ct = nfct_new(); 29 if (!ct) { 30 perror("nfct_new"); 31 return 0; 32 } 33 34 nfct_set_attr_u8(ct, ATTR_L3PROTO, AF_INET); 35 nfct_set_attr_u32(ct, ATTR_IPV4_SRC, inet_addr("1.1.1.1")); 36 nfct_set_attr_u32(ct, ATTR_IPV4_DST, inet_addr("2.2.2.2")); 37 38 nfct_set_attr_u8(ct, ATTR_L4PROTO, IPPROTO_TCP); 39 nfct_set_attr_u16(ct, ATTR_PORT_SRC, htons(20)); 40 nfct_set_attr_u16(ct, ATTR_PORT_DST, htons(10)); 41 42 h = nfct_open(CONNTRACK, 0); 43 if (!h) { 44 perror("nfct_open"); 45 nfct_destroy(ct); 46 return -1; 47 } 48 49 nfct_callback_register(h, NFCT_T_ALL, cb, NULL); 50 51 ret = nfct_query(h, NFCT_Q_GET, ct); 52 53 printf("TEST: get conntrack "); 54 if (ret == -1) 55 printf("(%d)(%s)\n", ret, strerror(errno)); 56 else 57 printf("(OK)\n"); 58 59 nfct_close(h); 60 61 nfct_destroy(ct); 62 63 ret == -1 ? exit(EXIT_FAILURE) : exit(EXIT_SUCCESS); 64 } 65