:)

On Mon, Jun 14, 2010 at 1:51 PM, GLAUME Vincent <vincent.glaume@xxxxxx> wrote:
> Hi there,
>
> I'm currently trying to figure out how the whole libnetfilter_conntrack
> works, and more precisely the expect part of the lib.
> My aim is to be able to create new expectation entries with this lib in an
> application that would inspect packets (either coming from a pcap-based
> sniffer or from netfilter via the nfqueue mechanism): thus I'd like to
> allow connections related to the inspected (and already allowed)
> connections.
>
> My various tests make me think that to create such an expectation entry, a
> kernel module related to the master connection is required: am I right?
> For instance, the "expect_create" app in the libnetfilter_conntrack "utils"
> subdirectory works fine, unless I modify the destination port of the master
> conntrack structure... then it's no longer related to the FTP conntrack
> mechanism...
> Same thing happens when using the conntrack app. from the conntrack-tools.
>
> So, I'd like to know how to do this the right way, without coding the whole
> inspection thing in a kernel module (if this is possible). Is there any
> generic tcp conntrack system that could help here?
> As I'm not too sure to fully understand the whole mechanism of expected
> connection creation, any hint is welcome!
> I hope this is not too confused... Thanks,
>
> --
> V.
> --
> To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
> the body of a message to majordomo@xxxxxxxxxxxxxxx
> More majordomo info at http://vger.kernel.org/majordomo-info.html