Tracking additional information

Joubert Berger joubertb at
Sat Apr 14 18:04:20 CEST 2007


I am looking for some advise.

I need to track additional information about a connection.  I had
hoped that I can extend the connection tracking code using a helper or
something similar.  But, it looks like using a helper will not help.

What I was going to do is look if it is a new connection, if so,
squirrel away the information I want from the SYN packet and then use
it later.  From my initial observations, the helper is able to add a
secondary connection into the connection tracking table, but can it
also be used to store information about the connection somewhere?

I would prefer not to have to patch the kernel because that would make
me not have to rebuild the base code.  I like the idea of just
installing a distributions RPM and then I just compile my code and I
am done :-)

But, maybe what I need to do is extend the connection tracking code
and add a place for me to keep my information per connection and then
store the data there on each connection?  Maybe where the tuple is
being saved.

Does my ramblings above make sense :-)  Any ideas would be great.
Thanks in advance.


More information about the netfilter-devel mailing list