Hi All,

Just a little question about nfct_query used to check the state of a connection. What is it supposed to return? I guess it's 0 if the packet is part of an active connection (tell me if I'm wrong), but what does a "-1" value mean? An error or a packet seen for the first time?

For information, my piece (truncated) of code:

    /* Build the original-direction tuple to look up */
    ct = nfct_new();
    nfct_set_attr_u8(ct, ATTR_ORIG_L3PROTO, AF_INET);
    nfct_set_attr_u32(ct, ATTR_ORIG_IPV4_SRC, iph->saddr);
    nfct_set_attr_u32(ct, ATTR_ORIG_IPV4_DST, iph->daddr);
    nfct_set_attr_u8(ct, ATTR_ORIG_L4PROTO, iph->protocol);
    nfct_set_attr_u16(ct, ATTR_ORIG_PORT_SRC, tcp->source);
    nfct_set_attr_u16(ct, ATTR_ORIG_PORT_DST, tcp->dest);

    /* Open a conntrack handle, register the callback and run the query */
    cth = nfct_open(CONNTRACK, 0);
    nfct_callback_register(cth, NFCT_T_ALL, cb, NULL);
    conn_state = nfct_query(cth, NFCT_Q_GET, ct);
    nfct_close(cth);
    return conn_state;

Thanks,
julien
--
www.linuxwall.info