author | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org </C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org> | 2005-05-01 23:19:42 +0000 |
---|---|---|
committer | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org </C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org> | 2005-05-01 23:19:42 +0000 |
commit | d894e26211f38db37015850afab6b7331edeecdb (patch) | |
tree | 27f9eb6baebd2fc2c5b54c97b4775797b69e43ba /test.sh | |
parent | 21ed4ac1f957f1e4d7be195a98fb235de13ede21 (diff) |
o Created changelog file
o Deleted libctnetlink.h and libnfnetlink.h from the include/ dir.
o Added support for version (-V) and help (-h)
o Added event mask based support
o Added GPLv2 headers
o Use fprintf instead of printf
o Defined print_tuple and print_proto output interfaces
o ctnl_[get|del]_conntrack handles return value from kernel via msgerr
o Added support for conntrack table flushing
o Added test case file (test.sh)
o Improve dump output
o Autoconf stuff for conntrack + some pablo's modifications.
o Fixed packet counters formatting (use %llu instead of %lu)
Diffstat (limited to 'test.sh')
-rw-r--r-- | test.sh | 67 |
1 files changed, 67 insertions, 0 deletions
@@ -0,0 +1,67 @@
+CONNTRACK=conntrack
+
+SRC=1.1.1.1
+DST=2.2.2.2
+SPORT=1980
+DPORT=2005
+
+case $1 in
+ dump)
+ # Setting dump mask
+ echo "dump mask set to TUPLE"
+ $CONNTRACK -A -m TUPLE
+ $CONNTRACK -L
+ echo "Press any key to continue..."
+ read
+ echo "dump mask set to TUPLE,COUNTERS"
+ $CONNTRACK -A -m TUPLE,COUNTERS
+ $CONNTRACK -L
+ echo "Press any key to continue..."
+ read
+ echo "dump mask set to ALL"
+ $CONNTRACK -A -m ALL
+ $CONNTRACK -L
+ echo "Press any key to continue..."
+ read
+ ;;
+ new)
+ echo "creating a new conntrack"
+ $CONNTRACK -I --orig-src $SRC --orig-dst $DST \
+ --reply-src $DST --reply-dst $SRC -p tcp \
+ --orig-port-src $SPORT --orig-port-dst $DPORT \
+ --reply-port-src $DPORT --reply-port-dst $SPORT \
+ --state LISTEN -u SEEN_REPLY -t 50
+ ;;
+
+ change)
+ echo "change a conntrack"
+ $CONNTRACK -I --orig-src $SRC --orig-dst $DST \
+ --reply-src $DST --reply-dst $SRC -p tcp \
+ --orig-port-src $SPORT --orig-port-dst $DPORT \
+ --reply-port-src $DPORT --reply-port-dst $SPORT \
+ --state TIME_WAIT -u ASSURED -t 500
+ ;;
+ delete)
+ # 66.111.58.52 dst=85.136.125.64 sport=22 dport=60239
+ $CONNTRACK -D conntrack --orig-src 66.111.58.1 \
+ --orig-dst 85.136.125.64 -p tcp --orig-port-src 22 \
+ --orig-port-dst 60239
+ ;;
+ output)
+ proc=$(cat /proc/net/ip_conntrack | wc -l)
+ netl=$($CONNTRACK -L | wc -l)
+ count=$(cat /proc/sys/net/ipv4/netfilter/ip_conntrack_count)
+ if [ $proc -ne $netl ]; then
+ echo "proc is $proc and netl is $netl and count is $count"
+ else
+ if [ $proc -ne $count ]; then
+ echo "proc is $proc and netl is $netl and count is $count"
+ else
+ echo "now $proc"
+ fi
+ fi
+ ;;
+ *)
+ echo "Usage: $0 [dump|new|change|delete|output]"
+ ;;
+esac
|
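Review bot: The `output)` case can report agreement when nothing was actually read. If the inputs cannot be read (for example, not running as root or the conntrack module not loaded), both `cat /proc/net/ip_conntrack | wc -l` and `$CONNTRACK -L | wc -l` yield 0, and an empty `$count` makes the unquoted `[ $proc -ne $count ]` a test error that falls through to `echo "now $proc"`. I would fail early on unreadable inputs, e.g. `count=$(cat /proc/sys/net/ipv4/netfilter/ip_conntrack_count) || exit 1`, quote the operands (`[ "$proc" -ne "$count" ]`), and `exit 1` on both mismatch branches so the script can gate something. Separately, `delete)` targets a hard-coded `66.111.58.1` while its own comment says `66.111.58.52`, and neither matches the `$SRC`/`$DST` entry that `new)` inserts, so it presumably never removes the test entry. The file also has no shebang line, so the interpreter depends on how it is invoked.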