grovel netfilter_conntrack_xxx from applications how?
georgi.alexandrov at gmail.com
Fri Nov 25 11:52:53 CET 2005
Tyler Retzlaff wrote:
> On 25/11/2005, at 5:45 PM, Georgi Alexandrov wrote:
>> Tyler Retzlaff wrote:
>>> How does one query netfilter for information about conntrack
>>> when they are established, disestablished etc..?
>>> Basically for connections established via conntrack_xxx modules I want
>>> to extract the details and use them in an application on the router.
>>> Is there documentation to a C API for doing this?
>> check /proc/net/ip_conntrack
>> but remember that accessing it directly ... with cat for example is
>> known to possibly crash your machine.
> eww that doesn't sound very appealing.
> I was kind of hoping for something more like callback registration
> where if a new session was established my userspace application was
> notified me to query the details.
> I've been reading as much as possible since the original post and
> have only found references to netfilter hooks which appears to be for
> implementing things like ip_conntrack. I suppose I could fork
> ip_conntrack and add a registration interface to it but I was hoping
> something already existed.
Perhaps you may try the ULOG (userspace logging) target.
more @ iptables-tutorial.frozentux.net
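
A sketch of how an application on the router could parse the /proc/net/ip_conntrack text that the quoted reply points to, keeping only the original-direction tuple. This is an added example, not part of the original message or of netfilter's code; `struct ct_entry`, `ct_parse_line` and the sample line are constructed for illustration and assume the ip_conntrack line layout (protocol name, protocol number, timeout, optional state, then key=value tuples).

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed sample line in the ip_conntrack text layout (not captured data). */
static const char SAMPLE_TCP[] = "tcp      6 431999 ESTABLISHED src=192.168.1.10 "
    "dst=203.0.113.5 sport=40000 dport=22 src=203.0.113.5 dst=192.168.1.10 "
    "sport=22 dport=40000 [ASSURED] use=1";

struct ct_entry {            /* hypothetical record type for this example */
    char proto[8];           /* "tcp", "udp", "icmp", ... */
    long timeout;            /* seconds until the entry expires */
    char state[16];          /* TCP state; empty when the protocol has none */
    char src[16], dst[16];   /* original-direction IPv4 addresses */
    int sport, dport;        /* -1 when the protocol has no ports */
    int assured, unreplied;  /* [ASSURED] / [UNREPLIED] flags */
};

/* Parse one line; returns 0 on success, -1 if the header or tuple is missing. */
int ct_parse_line(const char *line, struct ct_entry *e)
{
    char tok[64];
    int n, tuples = 0;

    memset(e, 0, sizeof(*e));
    e->sport = e->dport = -1;
    if (sscanf(line, "%7s %*d %ld%n", e->proto, &e->timeout, &n) != 2)
        return -1;           /* need: name, protocol number, timeout */
    for (line += n; sscanf(line, "%63s%n", tok, &n) == 1; line += n) {
        if (!strcmp(tok, "[ASSURED]"))
            e->assured = 1;
        else if (!strcmp(tok, "[UNREPLIED]"))
            e->unreplied = 1;
        else if (!strncmp(tok, "src=", 4)) {  /* a second src= opens the reply tuple */
            if (++tuples == 1)
                sscanf(tok + 4, "%15s", e->src);
        } else if (tuples > 1)
            continue;                         /* skip reply-direction fields */
        else if (!strncmp(tok, "dst=", 4))
            sscanf(tok + 4, "%15s", e->dst);
        else if (!strncmp(tok, "sport=", 6))
            e->sport = atoi(tok + 6);
        else if (!strncmp(tok, "dport=", 6))
            e->dport = atoi(tok + 6);
        else if (!tuples && !strchr(tok, '='))
            sscanf(tok, "%15s", e->state);    /* bare word before the tuple: state */
    }
    return (tuples >= 1 && e->dst[0]) ? 0 : -1;
}
```

Entries for protocols without a state word or ports (UDP, ICMP) leave `state` empty or the ports at -1, so callers should check those fields before using them.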