grovel netfilter_conntrack_xxx from applications how?

Georgi Alexandrov georgi.alexandrov at gmail.com
Fri Nov 25 11:52:53 CET 2005


Tyler Retzlaff wrote:

>
> On 25/11/2005, at 5:45 PM, Georgi Alexandrov wrote:
>
>> Tyler Retzlaff wrote:
>>
>>> How does one query netfilter for information about conntrack
>>> connections when they are established, disestablished etc.?
>>>
>>> Basically for connections established via conntrack_xxx modules I
>>> want to extract the details and use them in an application on the
>>> router. Is there documentation to a C API for doing this?
>>>
>>> Thanks
>>>
>>>
>> Check /proc/net/ip_conntrack,
>> but remember that it is known that accessing it directly ... with cat
>> for example may crash your machine.
>
>
> eww that doesn't sound very appealing.
>
> I was kind of hoping for something more like callback registration
> where if a new session was established my userspace application was
> notified allowing me to query the details.
>
> I've been reading as much as possible since the original post and
> have only found references to netfilter hooks which appear to be for
> implementing things like ip_conntrack. I suppose I could fork
> ip_conntrack and add a callback registration interface to it but I
> was hoping something already existed.
>
> Thanks
>
Perhaps you may try the ULOG (userspace logging) target.
More at iptables-tutorial.frozentux.net
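
For reference, the /proc/net/ip_conntrack route mentioned earlier in the thread comes down to parsing one text line per tracked connection. The C sketch below is an added example, not code from this thread or from netfilter. It assumes the usual line layout of that file (protocol name, protocol number, timeout, optional state, then the original and reply tuples); `ct_entry`, `put` and `ct_parse_line` are hypothetical names.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Original-direction tuple of one /proc/net/ip_conntrack entry. */
struct ct_entry {
    char proto[16], state[32];  /* state stays empty for udp, icmp */
    char src[16], dst[16];      /* IPv4 dotted quads */
    int  sport, dport;          /* -1 when the protocol has no ports */
};

static int put(char *dst, size_t cap, const char *src)
{
    if (strlen(src) >= cap) return -1;  /* fail rather than truncate */
    strcpy(dst, src);
    return 0;
}

/* Parse one line; returns 0 on success, -1 if it is malformed. */
int ct_parse_line(const char *line, struct ct_entry *e)
{
    char tok[64];
    int field, seen = 0, rc = 0;
    const char *p = line;
    memset(e, 0, sizeof(*e));
    e->sport = e->dport = -1;
    for (field = 0; rc == 0; field++) {
        p += strspn(p, " \t\n");
        size_t n = strcspn(p, " \t\n");
        if (n == 0) break;
        if (n >= sizeof(tok)) return -1;
        memcpy(tok, p, n); tok[n] = '\0'; p += n;
        /* The reply tuple repeats every key, so keep the first of each. */
        if (field == 0) rc = put(e->proto, sizeof(e->proto), tok);
        else if (field == 3 && !strchr(tok, '=')) rc = put(e->state, sizeof(e->state), tok);
        else if (!strncmp(tok, "src=", 4) && !(seen & 1)) { seen |= 1; rc = put(e->src, sizeof(e->src), tok + 4); }
        else if (!strncmp(tok, "dst=", 4) && !(seen & 2)) { seen |= 2; rc = put(e->dst, sizeof(e->dst), tok + 4); }
        else if (!strncmp(tok, "sport=", 6) && !(seen & 4)) { seen |= 4; e->sport = atoi(tok + 6); }
        else if (!strncmp(tok, "dport=", 6) && !(seen & 8)) { seen |= 8; e->dport = atoi(tok + 6); }
    }
    return (rc == 0 && (seen & 3) == 3) ? 0 : -1;
}

int main(void)
{
    struct ct_entry e;  /* the line below is a constructed sample, not captured output */
    const char *l = "tcp 6 431999 ESTABLISHED src=192.168.1.2 dst=10.0.0.1 sport=1025 dport=80 src=10.0.0.1 dst=192.168.1.2 sport=80 dport=1025 [ASSURED] use=1";
    if (ct_parse_line(l, &e) == 0) printf("%s %s %s:%d -> %s:%d\n", e.proto, e.state, e.src, e.sport, e.dst, e.dport);
    return 0;
}
```

Reading the file this way is polling, so short-lived connections can appear and expire between two reads.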
