ut 17. 8. 2021 o 17:05 Fatih USTA <fatihusta86@xxxxxxxxx> napísal(a):
> Hi
> Did you enable sysctl parameters.
>
> sysctl -w nf_conntrack_acct=1
> sysctl -w nf_conntrack_timestamp=1
>
Yes, both are enabled. conntrack -L displays counters and delta-time correctly.
u_int32_t pkts = nfct_get_attr_u32(ct, ATTR_ORIG_COUNTER_PACKETS );
printf(" Packet counter: %d", ntohs(pkts));
printf(" (%s)\n", strerror(errno));
returns 0 (No data available)
I'm attaching draft-work of module to check.
https://drive.google.com/file/d/1KouPKrrANvOihBuQH8Uwslk3pBkmP95q/view?usp=sharing
I'm not sure about parsing
static inline int
interp_packet(struct ulogd_pluginstance *upi, uint8_t pf_family,
struct nflog_data *ldata)
{
struct ulogd_key *ret = upi->output.keys;
struct nfulnl_msg_packet_hdr *ph = nflog_get_msg_packet_hdr(ldata);
.......
retb = nflog_nlmsg_parse(ph, attrs);
if (retb != MNL_CB_OK) {
printf("something went wrong");
printf(" (%s)\n", strerror(errno));
return retb;
}
nfg = mnl_nlmsg_get_payload(ph);
print_nfct(nfg->nfgen_family, attrs[NFULA_CT_INFO], attrs[NFULA_CT], ret);
