Pablo Neira Ayuso wrote: > Holger Eitzenberger wrote: >> Pablo Neira Ayuso wrote: >> >>>> Need by newer ulogd v2. >>> Why do you need this? If I apply this, I'll have to provide support for >>> people mixing calls to libnfnetlink and libnetfilter_conntrack which can >>> be a problematic. The subsys handles are encapsulated for that reason. >>> >>> If you really need them, I suggest you to use libnfnetlink together with >>> the low level functions libnetfilter_conntrack functions: >>> nfct_[build|parse]_conntrack and nfct_build_query. >> Which would nullify the use of libnetfilter-conntrack with ulogd. > > No way. You're abusing the library APIs. The proper way for what you > want to do is the following: > > 1) open a nfnl handle > 2) open a nfnl_subsys_handle > 3) register the callback > 4) use nfct_parse_conntrack inside the callback to get the conntrack > object while you can still access netlink details (such as the sequence > number). > 5) use nfct_build_query plus nfnl_query if you want to send request to > ctnetlink. I have found an example of this for you in old conntrack-tools release such as 0.9.3. See netlink.c file. I needed something similar at that time. Recent releases and current SVN only use libnetfilter_conntrack. -- "Los honestos son inadaptados sociales" -- Les Luthiers - To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
