Psyspy 22 <psyspy2020@xxxxxxxxx> wrote: > Hello Duncan, > > I actually need connmark and other conntrack fields like secmark etc. > I think attr[NFQA_CT] is the correct way to access it but it's empty > in my case. > The libnetfilter_queue example sets connmark but doesn't show a way to > get connmark from the packet. IIRC you need to set NFQA_CFG_F_CONNTRACK in NFQA_CFG_FLAGS when setting up the queue. The example only sets F_GSO, so no conntrack info is added.
