diff options
Diffstat (limited to 'utils/conntrack_filter.c')
-rw-r--r-- | utils/conntrack_filter.c | 83 |
1 files changed, 83 insertions, 0 deletions
diff --git a/utils/conntrack_filter.c b/utils/conntrack_filter.c new file mode 100644 index 0000000..7d22950 --- /dev/null +++ b/utils/conntrack_filter.c @@ -0,0 +1,83 @@ +#include <stdio.h> +#include <stdlib.h> +#include <errno.h> + +#include <libnetfilter_conntrack/libnetfilter_conntrack.h> +#include <libnetfilter_conntrack/libnetfilter_conntrack_tcp.h> + +static int event_cb(enum nf_conntrack_msg_type type, + struct nf_conntrack *ct, + void *data) +{ + static int n = 0; + char buf[1024]; + + nfct_snprintf(buf, 1024, ct, type, NFCT_O_PLAIN, NFCT_OF_TIME); + printf("%s\n", buf); + + if (++n == 10) + return NFCT_CB_STOP; + + return NFCT_CB_CONTINUE; +} + +int main() +{ + int ret; + u_int8_t family = AF_INET; + struct nfct_handle *h; + struct nfct_filter *filter; + struct nf_conntrack *ct; + char buf[1024]; + + h = nfct_open(CONNTRACK, NF_NETLINK_CONNTRACK_NEW | + NF_NETLINK_CONNTRACK_UPDATE); + if (!h) { + perror("nfct_open"); + return 0; + } + + filter = nfct_filter_create(); + if (!filter) { + perror("nfct_create_filter"); + return 0; + } + + nfct_filter_add_attr_u32(filter, NFCT_FILTER_L4PROTO, IPPROTO_UDP); + nfct_filter_add_attr_u32(filter, NFCT_FILTER_L4PROTO, IPPROTO_TCP); + + struct nfct_filter_proto filter_proto = { + .proto = IPPROTO_TCP, + .state = TCP_CONNTRACK_ESTABLISHED + }; + + nfct_filter_add_attr(filter, NFCT_FILTER_L4PROTO_STATE, &filter_proto); + + struct nfct_filter_ipv4 filter_ipv4 = { + .addr = htonl(inet_addr("127.0.0.1")), + .mask = 0xffffffff, + }; + + nfct_filter_add_attr(filter, NFCT_FILTER_SRC_IPV4, &filter_ipv4); + + if (nfct_filter_attach(nfct_fd(h), filter) == -1) { + perror("nfct_filter_attach"); + return 0; + } + + /* release the filter object, this does not detach the filter */ + nfct_filter_destroy(filter); + + nfct_callback_register(h, NFCT_T_ALL, event_cb, NULL); + + printf("TEST: waiting for 10 events...\n"); + + ret = nfct_catch(h); + + printf("TEST: OK (%d)(%s)\n", ret, strerror(errno)); + + if (ret == -1) + exit(EXIT_FAILURE); + + nfct_close(h); +} |