Hi,
Sorry for posting multiple times. This should be my last one.
I modified the conntrack_create_nat.c to redirect udp traffic coming
from a specific IP:port to another IP, but the program gives error,
the result of ret is (-1). Does anyone know what's wrong?
#include <stdio.h>
#include <stdlib.h>
#include <errno.h>
#include <libnetfilter_conntrack/libnetfilter_conntrack.h>
#include <libnetfilter_conntrack/libnetfilter_conntrack_udp.h>
int main()
{
int ret;
struct nfct_handle *h;
struct nf_conntrack *ct;
ct = nfct_new();
if (!ct) {
perror("nfct_new");
return 0;
}
nfct_set_attr_u8(ct, ATTR_L3PROTO, AF_INET);
nfct_set_attr_u32(ct, ATTR_IPV4_SRC, inet_addr("192.168.1.12"));
nfct_set_attr_u32(ct, ATTR_IPV4_DST, inet_addr("192.168.1.102"));
nfct_set_attr_u8(ct, ATTR_L4PROTO, IPPROTO_UDP);
nfct_set_attr_u16(ct, ATTR_PORT_SRC, htons(5060));
nfct_set_attr_u16(ct, ATTR_PORT_DST, htons(5060));
nfct_setobjopt(ct, NFCT_SOPT_SETUP_REPLY);
//nfct_set_atrr_u8(ct, ATTR_UDP_STATE, UDP_CONNTRACK_SYN_SENT);
//nfct_set_attr_u8(ct, ATTR_TCP_STATE, TCP_CONNTRACK_SYN_SENT);
nfct_set_attr_u32(ct, ATTR_TIMEOUT, 100);
nfct_set_attr_u32(ct, ATTR_SNAT_IPV4, inet_addr("192.168.1.13"));
h = nfct_open(CONNTRACK, 0);
if (!h) {
perror("nfct_open");
return -1;
}
ret = nfct_query(h, NFCT_Q_CREATE, ct);
printf("TEST: create conntrack ");
if (ret == -1)
printf("(%d)\n", ret);
else
printf("(OK)\n");
nfct_close(h);
ret == -1 ? exit(EXIT_FAILURE) : exit(EXIT_SUCCESS);
}
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
