diff options
| author | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org </C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org> | 2005-12-03 22:33:53 +0000 |
|---|---|---|
| committer | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org </C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org> | 2005-12-03 22:33:53 +0000 |
| commit | 5891b45e0eee0307a29ed5103fe6d596f6a37ebd (patch) | |
| tree | 4da61210c620c3dc173257bf556f83627e52f7d6 /src/conntrack.c | |
| parent | 2082ea8a70a1c3b7c8b47115f00fcbe70fac9ffa (diff) | |
o Add support to filter events. ie: -p tcp --orig-port-dst 80 in
conjuction with -E to get all the requests to HTTP servers
o Update manpage
o Missing static function declaration in the protocol handlers
o Use protocol flags defined in libnetfilter_conntrack
o Kill leftover #include "conntrack.h" in the ICMP helper
o Bumped version to 0.991
Diffstat (limited to 'src/conntrack.c')
| -rw-r--r-- | src/conntrack.c | 39 |
1 files changed, 24 insertions, 15 deletions
diff --git a/src/conntrack.c b/src/conntrack.c index 59b95a4..eb9064d 100644 --- a/src/conntrack.c +++ b/src/conntrack.c @@ -120,7 +120,7 @@ static char commands_v_options[NUMBER_OF_CMD][NUMBER_OF_OPT] = /*CT_DELETE*/ {' ',' ',' ',' ',' ','x','x','x','x','x','x','x','x','x','x',' '}, /*CT_GET*/ {' ',' ',' ',' ','+','x','x','x','x','x','x','x','x','x','x',' '}, /*CT_FLUSH*/ {'x','x','x','x','x','x','x','x','x','x','x','x','x','x','x','x'}, -/*CT_EVENT*/ {'x','x','x','x','x','x','x','x',' ','x','x','x','x','x','x','x'}, +/*CT_EVENT*/ {'x','x','x','x',' ','x','x','x',' ','x','x','x','x','x','x','x'}, /*VERSION*/ {'x','x','x','x','x','x','x','x','x','x','x','x','x','x','x','x'}, /*HELP*/ {'x','x','x','x',' ','x','x','x','x','x','x','x','x','x','x','x'}, /*EXP_LIST*/ {'x','x','x','x','x','x','x','x','x','x','x','x','x','x','x',' '}, @@ -1014,24 +1014,33 @@ int main(int argc, char *argv[]) break; case CT_EVENT: - if (options & CT_OPT_EVENT_MASK) { + ct = nfct_conntrack_alloc(&orig, &reply, timeout, + &proto, status, mark, id, NULL); + if (!ct) + exit_error(OTHER_PROBLEM, "Not enough memory"); + + if (options & CT_OPT_EVENT_MASK) cth = nfct_open(CONNTRACK, event_mask); - if (!cth) - exit_error(OTHER_PROBLEM, "Can't open handler"); - signal(SIGINT, event_sighandler); - nfct_register_callback(cth, - nfct_default_conntrack_display, NULL); - res = nfct_event_conntrack(cth); - } else { + else cth = nfct_open(CONNTRACK, NFCT_ALL_CT_GROUPS); - if (!cth) - exit_error(OTHER_PROBLEM, "Can't open handler"); - signal(SIGINT, event_sighandler); + + if (!cth) + exit_error(OTHER_PROBLEM, "Can't open handler"); + signal(SIGINT, event_sighandler); + + if (options & CT_OPT_PROTO) { + struct nfct_conntrack_compare cmp = { + .ct = ct, + .flag = 0, + .protoflag = extra_flags + }; nfct_register_callback(cth, - nfct_default_conntrack_display, - NULL); - res = nfct_event_conntrack(cth); + nfct_default_conntrack_display, (void *)&cmp); + } else { + nfct_register_callback(cth, + nfct_default_conntrack_display, NULL); } + res = nfct_event_conntrack(cth); nfct_close(cth); break; |