Hello.
I tried to post this in the User Mailing List, but may be this is a
better place.
I have a doubt on the correct usage of the conntrack func "nf_ct_get".
I'm calling it in this way in my netfilter, to track UDP traffic:
-----<Code snippet>-----
ct = nf_ct_get(skb, &ctinfo);
if (ct == NULL)
...
-----<Code snippet>-----
On some systems it just work. In some others I get the result as NULL
until I do something like
# iptables -A OUTPUT -m conntrack --ctstate NEW,RELATED,ESTABLISHED -j ACCEPT
I understand that this is due to some module missing.
I did some additional investigations and it looks that what I'm looking
for can be accomplished with the call to
nf_ct_l3proto_try_module_get
But this looks valid only for some 4.x kernel versions. From more
recent versions
it looks this has been removed. Anyone can point me to how to approach
this on newer
kernels?
Thanks you so much for your help!
CC
