On Wed, Oct 26, 2016 at 08:27:46AM -0700, Richard Peeters wrote: > Hi, > > I am referring to commit : > https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a29a9a585b2840a205f085a34dfd65c75e86f7c3 > which was pulled in with 4.4, I am running kernel 4.8, and wondering > how I would be able to access the attached conntrack info in user > space. > > My application runs in user space and retrieves packets that match a > specific criteria from iptables using NFLOG, I would like to get > conntrack information for said packet. > > I use libnetfilter_log but I do not see any API exposed that will give > me this information, even if I was able to extract information using > libnfnnetlink apis, > ( nfnl_get_pointer_to_data(nfad->nfa, NFULA_CT, struct nf_conn);) > the best I could get in this app would be a struct nf_conn pointer. > > My question is : since struct nf_conn is not exposed to userspace, how > is one supposed to use the attached information in userspace? It would > be great to see some example code. You can apply this patch on top of libnetfilter_log: https://patchwork.ozlabs.org/patch/530498/ I requested one small change (see thread for details), it would be great if you could take it, revamp it and resubmit it so I can apply this. Thanks. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
