author | Mikhail Sennikovsky <mikhail.sennikovskii@ionos.com> | 2022-03-08 09:05:21 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2022-03-08 09:34:30 +0100 |
commit | 75b3c6a15178a44c6ccff68b79c2bc3a05f7aa28 (patch) | |
tree | 5ead89468f6997f88f5f9a5bd1af4eab160e9fe5 /src | |
parent | 22618ff51aabed3dd85d1194103c3978be79acec (diff) |
conntrack: use libmnl for flushing conntrack table
Use libmnl and libnetfilter_conntrack mnl helpers to flush the conntrack
table entries.
Signed-off-by: Mikhail Sennikovsky <mikhail.sennikovskii@ionos.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src')
-rw-r--r-- | src/conntrack.c | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/src/conntrack.c b/src/conntrack.c
index f6752f8..679a1d2 100644
--- a/src/conntrack.c
+++ b/src/conntrack.c
@@ -3470,11 +3470,14 @@ static int do_command_ct(const char *progname, struct ct_cmd *cmd)
 break;
 
 case CT_FLUSH:
- cth = nfct_open(CONNTRACK, 0);
- if (!cth)
- exit_error(OTHER_PROBLEM, "Can't open handler");
- res = nfct_query(cth, NFCT_Q_FLUSH_FILTER, &cmd->family);
- nfct_close(cth);
+ res = nfct_mnl_socket_open(sock, 0);
+ if (res < 0)
+ exit_error(OTHER_PROBLEM, "Can't open netlink socket");
+
+ res = nfct_mnl_request(sock, NFNL_SUBSYS_CTNETLINK, cmd->family,
+ IPCTNL_MSG_CT_DELETE, NLM_F_ACK, NULL, NULL);
+
+ nfct_mnl_socket_close(sock);
 fprintf(stderr, "%s v%s (conntrack-tools): ",PROGNAME,VERSION);
 fprintf(stderr,"connection tracking table has been emptied.\n");
 break; |
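Review bot: The "connection tracking table has been emptied" message after `nfct_mnl_socket_close(sock)` is printed whether or not the flush succeeded, because `res` from `nfct_mnl_request()` is not examined anywhere inside this hunk. If the kernel rejects the delete request, the operator still reads a success line, which is misleading when the flush is run to force existing flows to be re-evaluated after a ruleset change. Consider guarding the two `fprintf` calls with `if (res >= 0)`. Presumably `res` is checked after the switch, outside the visible lines; if that check reports `errno`, the intervening close and `fprintf` calls may overwrite it first, so saving it right after the request would be safer. do_command_ct's body starts and ends outside the hunk.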