Andy,
thanks alot. It works now.
P
On Tue, Jul 27, 2010 at 4:52 PM, Andrew Beverley <andy@xxxxxxxxxxx> wrote:
>>>> I would like to use libfilter_conntrack to remove an entry in the
>>>> conntrack table.
>>>>
>>>> Does anyone have an example showing how to do that programmatically?
>>>
>>> There's an example in the source code, in utils/conntrack_delete.c
>>>
>> I am using the conntrack_delete example to try to delete this entry:
>> udp 17 29 src=192.168.1.56 dst=192.168.1.114 sport=16385
>> dport=26956 packets=28149 bytes=7881720 [UNREPLIED] src=192.168.1.114
>> dst=192.168.1.56 sport=26956 dport=16385 packets=0 bytes=0 mark=0
>> secmark=0 use=2
>>
>> But I am having problem doing so with the lines of code below:
>>
>> ct = nfct_new();
>> if (!ct) {
>> perror("nfct_new");
>> return 0;
>>
>> }
>> nfct_set_attr_u8(ct, ATTR_L3PROTO, AF_INET);
>> nfct_set_attr_u32(ct, ATTR_ORIG_IPV4_SRC,
>> inet_addr("192.168.1.56"));
>>
>> nfct_set_attr_u8(ct, ATTR_L4PROTO, IPPROTO_UDP);
>> nfct_set_attr_u16(ct, ATTR_ORIG_PORT_SRC, htons(16385));
>>
>
> You need to also specify the destination IP address and port number. I think
> that as a minumum you must specify all 6 peices of information: source/dest
> IP address and port number, and the layer 3 and layer 4 protocol.
>
> Regards,
>
> Andy
>
>
>
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
