4 files changed, 97 insertions, 0 deletions

diff --git a/include/internal/object.h b/include/internal/object.h
index fe1506c..378ba74 100644
--- a/include/internal/object.h
+++ b/include/internal/object.h
@@ -22,6 +22,15 @@ struct nfct_handle {
 				      struct nf_conntrack *ct,
 				      void *data);
 
+	/* This is the second version of the callback that includes
+	 * the Netlink header. This is the result of an early design
+	 * error, hiding Netlink details is evil. You end needing some
+	 * internal information at some point like the Netlink PortID. */
+	int			(*cb2)(const struct nlmsghdr *nlh,
+				       enum nf_conntrack_msg_type type,
+				       struct nf_conntrack *ct,
+				       void *data);
+
 	int			(*expect_cb)(enum nf_conntrack_msg_type type, 
 					     struct nf_expect *exp,
 					     void *data);
diff --git a/include/libnetfilter_conntrack/libnetfilter_conntrack.h b/include/libnetfilter_conntrack/libnetfilter_conntrack.h
index 1e23b0b..ec85066 100644
--- a/include/libnetfilter_conntrack/libnetfilter_conntrack.h
+++ b/include/libnetfilter_conntrack/libnetfilter_conntrack.h
@@ -233,6 +233,18 @@ extern int nfct_callback_register(struct nfct_handle *h,
 
 extern void nfct_callback_unregister(struct nfct_handle *h);
 
+/* register / unregister callback: extended version including netlink header */
+
+extern int nfct_callback_register2(struct nfct_handle *h,
+				   enum nf_conntrack_msg_type type,
+				   int (*cb)(const struct nlmsghdr *nlh,
+				   	     enum nf_conntrack_msg_type type,
+				  	     struct nf_conntrack *ct,
+					     void *data),
+				   void *data);
+
+extern void nfct_callback_unregister2(struct nfct_handle *h);
+
 /* callback verdict */
 enum {
 	NFCT_CB_FAILURE = -1,   /* failure */
diff --git a/src/conntrack/api.c b/src/conntrack/api.c
index e69ea49..0639b5f 100644
--- a/src/conntrack/api.c
+++ b/src/conntrack/api.c
@@ -200,6 +200,80 @@ void nfct_callback_unregister(struct nfct_handle *h)
 }
 
 /**
+ * nf_callback_register2 - register a callback
+ * @h: library handler
+ * @cb: callback used to process conntrack received
+ * @data: data used by the callback, if any.
+ *
+ * This function register a callback to handle the conntrack received, 
+ * in case of error -1 is returned and errno is set appropiately, otherwise
+ * 0 is returned.
+ *
+ * Note that the data parameter is optional, if you do not want to pass any
+ * data to your callback, then use NULL.
+ *
+ * NOTICE: The difference with nf_callback_register() is that this function
+ * uses the new callback interface that includes the Netlink header.
+ *
+ * WARNING: Don't mix nf_callback_register() and nf_callback_register2()
+ * calls, use only once at a time.
+ */
+int nfct_callback_register2(struct nfct_handle *h,
+			    enum nf_conntrack_msg_type type,
+			    int (*cb)(const struct nlmsghdr *nlh,
+			    	      enum nf_conntrack_msg_type type,
+				      struct nf_conntrack *ct, 
+				      void *data),
+			   void *data)
+{
+	struct __data_container *container;
+
+	assert(h != NULL);
+
+	container = calloc(sizeof(struct __data_container), 1);
+	if (container == NULL)
+		return -1;
+
+	h->cb2 = cb;
+	container->h = h;
+	container->type = type;
+	container->data = data;
+
+	h->nfnl_cb.call = __callback;
+	h->nfnl_cb.data = container;
+	h->nfnl_cb.attr_count = CTA_MAX;
+
+	nfnl_callback_register(h->nfnlssh_ct, 
+			       IPCTNL_MSG_CT_NEW,
+			       &h->nfnl_cb);
+
+	nfnl_callback_register(h->nfnlssh_ct,
+			       IPCTNL_MSG_CT_DELETE,
+			       &h->nfnl_cb);
+
+	return 0;
+}
+
+/**
+ * nfct_callback_unregister2 - unregister a callback
+ * @h: library handler
+ */
+void nfct_callback_unregister2(struct nfct_handle *h)
+{
+	assert(h != NULL);
+
+	nfnl_callback_unregister(h->nfnlssh_ct, IPCTNL_MSG_CT_NEW);
+	nfnl_callback_unregister(h->nfnlssh_ct, IPCTNL_MSG_CT_DELETE);
+
+	h->cb2 = NULL;
+	free(h->nfnl_cb.data);
+
+	h->nfnl_cb.call = NULL;
+	h->nfnl_cb.data = NULL;
+	h->nfnl_cb.attr_count = 0;
+}
+
+/**
  * nfct_set_attr - set the value of a certain conntrack attribute
  * @ct: pointer to a valid conntrack
  * @type: attribute type
diff --git a/src/conntrack/callback.c b/src/conntrack/callback.c
index 7faf13a..c83a564 100644
--- a/src/conntrack/callback.c
+++ b/src/conntrack/callback.c
@@ -31,6 +31,8 @@ int __callback(struct nlmsghdr *nlh, struct nfattr *nfa[], void *data)
 
 	if (container->h->cb)
 		ret = container->h->cb(type, ct, container->data);
+	else if (container->h->cb2)
+		ret = container->h->cb2(nlh, type, ct, container->data);
 
 	switch(ret) {
 	case NFCT_CB_FAILURE: