Re: ulogd packet based logging with CT info

On Wed, Aug 18, 2021 at 10:06:40PM +0200, Blažej Krajňák wrote:
> I'm really confused from searching a bug.
> 
> Getting nf_conntrack via nflog_nlmsg_parse(ph, attrs); is (I think)
> bad because ph parameter must be nlmsghdr not nfulnl_msg_packet_hdr

Right, nflog_nlmsg_parse() should take the nlh parameter.

> So different way. I added new getters to libnetfilter_log.c:
> 
> struct nf_conntrack *nflog_get_ct(struct nflog_data *nfad)
> {
>     return nfnl_get_pointer_to_data(nfad->nfa, NFULA_CT, struct nf_conntrack);
> }

This will not work (as you noticed). The kernel does not store a
struct in the NFULA_CT attribute.

Better to stick to using nflog_nlmsg_parse(); my suggestion is:

#1 msg_cb() provides struct nfgenmsg *nfmsg, you could retrieve the nlmsg
   from there since the nlmsghdr comes before nfgenmsg:

        struct nlmsghdr *nlh;

        nlh = (struct nlmsghdr *)((void *)nfmsg - sizeof(*nlh));

        err = nflog_nlmsg_parse(nlh, attrs);
        if (err < 0)
                ... error path

#2 once you have access to attrs[NFULA_CT], from there on:

        struct nf_conntrack *ct;

        ct = nfct_new();
        if (!ct)
                ... error path

        err = nfct_nlmsg_parse(nlh, ct);
        if (err < 0)
                ... error path

Then you get the pointer to the conntrack object.
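
The layout discussed in this reply, as an added example that is not part of the original thread or of libnetfilter_log: it recovers the nlmsghdr from the nfgenmsg pointer, then walks the attributes with bounds checks to show that NFULA_CT holds nested CTA_* attributes rather than a struct. It uses only the kernel uapi headers; `find_attr`, `ct_mark_from_nflog` and `build_sample` are hypothetical names, and the message with mark 42 is constructed.

```c
#include <string.h>
#include <arpa/inet.h>
#include <linux/netlink.h>
#include <linux/netfilter/nfnetlink.h>
#include <linux/netfilter/nfnetlink_log.h>
#include <linux/netfilter/nfnetlink_conntrack.h>
#define NLA(p) ((const struct nlattr *)(p))

/* First attribute of `type` in [p, end), or NULL; lengths are checked before use. */
static const char *find_attr(const char *p, const char *end, int type)
{
	while (end - p >= NLA_HDRLEN) {
		const struct nlattr *a = NLA(p);
		if (a->nla_len < NLA_HDRLEN || a->nla_len > end - p)
			break;	/* malformed or truncated attribute */
		if ((a->nla_type & NLA_TYPE_MASK) == type)
			return p;
		p += NLA_ALIGN(a->nla_len) < end - p ? NLA_ALIGN(a->nla_len) : end - p;
	}
	return NULL;
}

/* NFULA_CT carries a nest of CTA_* attributes; returns its CTA_MARK, or -1. */
static long ct_mark_from_nflog(const struct nfgenmsg *nfmsg)
{
	/* Step #1 of the reply: the nlmsghdr sits directly in front of nfgenmsg. */
	const char *nlh = (const char *)nfmsg - NLMSG_HDRLEN;
	const char *end = nlh + ((const struct nlmsghdr *)nlh)->nlmsg_len;
	const char *ct = find_attr(nlh + NLMSG_HDRLEN + NLMSG_ALIGN(sizeof(*nfmsg)), end, NFULA_CT);
	const char *m = ct ? find_attr(ct + NLA_HDRLEN, ct + NLA(ct)->nla_len, CTA_MARK) : NULL;
	uint32_t mark;
	if (!m || NLA(m)->nla_len != NLA_HDRLEN + sizeof(mark))
		return -1;
	memcpy(&mark, m + NLA_HDRLEN, sizeof(mark));
	return (long)ntohl(mark);	/* the kernel stores CTA_MARK in network byte order */
}

/* Constructed sample: nlmsghdr + nfgenmsg + NFULA_CT{ CTA_MARK = 42 }, cut short by `trim`. */
static struct nfgenmsg *build_sample(int trim)
{
	static union { struct nlmsghdr h; char b[64]; } buf;
	struct nlattr a[2] = { { 12, NFULA_CT | NLA_F_NESTED }, { 8, CTA_MARK } };
	uint32_t mark = htonl(42);
	char *p = buf.b + NLMSG_HDRLEN + NLMSG_ALIGN(sizeof(struct nfgenmsg));
	memcpy(p, a, sizeof(a));
	memcpy(p + sizeof(a), &mark, sizeof(mark));
	buf.h.nlmsg_len = (p - buf.b) + 12 - trim;
	return (struct nfgenmsg *)(buf.b + NLMSG_HDRLEN);
}
int main(void) { return ct_mark_from_nflog(build_sample(0)) == 42 ? 0 : 1; }
```

A message whose nlmsg_len ends inside the NFULA_CT attribute is rejected instead of being read past its end.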


