18a44513648da0c5f5551f96b329cf56b66f5b303pkanwar#include <stdio.h> 28a44513648da0c5f5551f96b329cf56b66f5b303pkanwar#include <stdlib.h> 38a44513648da0c5f5551f96b329cf56b66f5b303pkanwar#include <unistd.h> 48a44513648da0c5f5551f96b329cf56b66f5b303pkanwar#include <time.h> 58a44513648da0c5f5551f96b329cf56b66f5b303pkanwar#include <arpa/inet.h> 68a44513648da0c5f5551f96b329cf56b66f5b303pkanwar 78a44513648da0c5f5551f96b329cf56b66f5b303pkanwar#include <libmnl/libmnl.h> 88a44513648da0c5f5551f96b329cf56b66f5b303pkanwar#include <libnetfilter_conntrack/libnetfilter_conntrack.h> 98a44513648da0c5f5551f96b329cf56b66f5b303pkanwar 108a44513648da0c5f5551f96b329cf56b66f5b303pkanwar#include <linux/netfilter/nf_conntrack_tcp.h> 118a44513648da0c5f5551f96b329cf56b66f5b303pkanwar 128a44513648da0c5f5551f96b329cf56b66f5b303pkanwarstatic int data_cb(const struct nlmsghdr *nlh, void *data) 138a44513648da0c5f5551f96b329cf56b66f5b303pkanwar{ 148a44513648da0c5f5551f96b329cf56b66f5b303pkanwar struct nf_conntrack *ct; 158a44513648da0c5f5551f96b329cf56b66f5b303pkanwar char buf[4096]; 168a44513648da0c5f5551f96b329cf56b66f5b303pkanwar 178a44513648da0c5f5551f96b329cf56b66f5b303pkanwar ct = nfct_new(); 188a44513648da0c5f5551f96b329cf56b66f5b303pkanwar if (ct == NULL) 198a44513648da0c5f5551f96b329cf56b66f5b303pkanwar return MNL_CB_OK; 208a44513648da0c5f5551f96b329cf56b66f5b303pkanwar 218a44513648da0c5f5551f96b329cf56b66f5b303pkanwar nfct_nlmsg_parse(nlh, ct); 228a44513648da0c5f5551f96b329cf56b66f5b303pkanwar 238a44513648da0c5f5551f96b329cf56b66f5b303pkanwar nfct_snprintf(buf, sizeof(buf), ct, NFCT_T_UNKNOWN, NFCT_O_DEFAULT, 0); 248a44513648da0c5f5551f96b329cf56b66f5b303pkanwar printf("%s\n", buf); 258a44513648da0c5f5551f96b329cf56b66f5b303pkanwar 268a44513648da0c5f5551f96b329cf56b66f5b303pkanwar nfct_destroy(ct); 278a44513648da0c5f5551f96b329cf56b66f5b303pkanwar 288a44513648da0c5f5551f96b329cf56b66f5b303pkanwar return MNL_CB_OK; 298a44513648da0c5f5551f96b329cf56b66f5b303pkanwar} 308a44513648da0c5f5551f96b329cf56b66f5b303pkanwar 318a44513648da0c5f5551f96b329cf56b66f5b303pkanwarint main(void) 328a44513648da0c5f5551f96b329cf56b66f5b303pkanwar{ 338a44513648da0c5f5551f96b329cf56b66f5b303pkanwar struct mnl_socket *nl; 348a44513648da0c5f5551f96b329cf56b66f5b303pkanwar struct nlmsghdr *nlh; 358a44513648da0c5f5551f96b329cf56b66f5b303pkanwar struct nfgenmsg *nfh; 368a44513648da0c5f5551f96b329cf56b66f5b303pkanwar char buf[MNL_SOCKET_BUFFER_SIZE]; 378a44513648da0c5f5551f96b329cf56b66f5b303pkanwar unsigned int seq, portid; 388a44513648da0c5f5551f96b329cf56b66f5b303pkanwar struct nf_conntrack *ct; 398a44513648da0c5f5551f96b329cf56b66f5b303pkanwar int ret; 408a44513648da0c5f5551f96b329cf56b66f5b303pkanwar 418a44513648da0c5f5551f96b329cf56b66f5b303pkanwar nl = mnl_socket_open(NETLINK_NETFILTER); 428a44513648da0c5f5551f96b329cf56b66f5b303pkanwar if (nl == NULL) { 438a44513648da0c5f5551f96b329cf56b66f5b303pkanwar perror("mnl_socket_open"); 448a44513648da0c5f5551f96b329cf56b66f5b303pkanwar exit(EXIT_FAILURE); 458a44513648da0c5f5551f96b329cf56b66f5b303pkanwar } 468a44513648da0c5f5551f96b329cf56b66f5b303pkanwar 478a44513648da0c5f5551f96b329cf56b66f5b303pkanwar if (mnl_socket_bind(nl, 0, MNL_SOCKET_AUTOPID) < 0) { 488a44513648da0c5f5551f96b329cf56b66f5b303pkanwar perror("mnl_socket_bind"); 498a44513648da0c5f5551f96b329cf56b66f5b303pkanwar exit(EXIT_FAILURE); 508a44513648da0c5f5551f96b329cf56b66f5b303pkanwar } 518a44513648da0c5f5551f96b329cf56b66f5b303pkanwar portid = mnl_socket_get_portid(nl); 528a44513648da0c5f5551f96b329cf56b66f5b303pkanwar 538a44513648da0c5f5551f96b329cf56b66f5b303pkanwar nlh = mnl_nlmsg_put_header(buf); 548a44513648da0c5f5551f96b329cf56b66f5b303pkanwar nlh->nlmsg_type = (NFNL_SUBSYS_CTNETLINK << 8) | IPCTNL_MSG_CT_GET; 558a44513648da0c5f5551f96b329cf56b66f5b303pkanwar nlh->nlmsg_flags = NLM_F_REQUEST|NLM_F_ACK; 568a44513648da0c5f5551f96b329cf56b66f5b303pkanwar nlh->nlmsg_seq = seq = time(NULL); 578a44513648da0c5f5551f96b329cf56b66f5b303pkanwar 588a44513648da0c5f5551f96b329cf56b66f5b303pkanwar nfh = mnl_nlmsg_put_extra_header(nlh, sizeof(struct nfgenmsg)); 598a44513648da0c5f5551f96b329cf56b66f5b303pkanwar nfh->nfgen_family = AF_INET; 608a44513648da0c5f5551f96b329cf56b66f5b303pkanwar nfh->version = NFNETLINK_V0; 618a44513648da0c5f5551f96b329cf56b66f5b303pkanwar nfh->res_id = 0; 628a44513648da0c5f5551f96b329cf56b66f5b303pkanwar 638a44513648da0c5f5551f96b329cf56b66f5b303pkanwar ct = nfct_new(); 648a44513648da0c5f5551f96b329cf56b66f5b303pkanwar if (ct == NULL) { 658a44513648da0c5f5551f96b329cf56b66f5b303pkanwar perror("nfct_new"); 668a44513648da0c5f5551f96b329cf56b66f5b303pkanwar return 0; 678a44513648da0c5f5551f96b329cf56b66f5b303pkanwar } 688a44513648da0c5f5551f96b329cf56b66f5b303pkanwar 698a44513648da0c5f5551f96b329cf56b66f5b303pkanwar nfct_set_attr_u8(ct, ATTR_L3PROTO, AF_INET); 708a44513648da0c5f5551f96b329cf56b66f5b303pkanwar nfct_set_attr_u32(ct, ATTR_IPV4_SRC, inet_addr("1.1.1.1")); 718a44513648da0c5f5551f96b329cf56b66f5b303pkanwar nfct_set_attr_u32(ct, ATTR_IPV4_DST, inet_addr("2.2.2.2")); 728a44513648da0c5f5551f96b329cf56b66f5b303pkanwar 738a44513648da0c5f5551f96b329cf56b66f5b303pkanwar nfct_set_attr_u8(ct, ATTR_L4PROTO, IPPROTO_TCP); 748a44513648da0c5f5551f96b329cf56b66f5b303pkanwar nfct_set_attr_u16(ct, ATTR_PORT_SRC, htons(20)); 758a44513648da0c5f5551f96b329cf56b66f5b303pkanwar nfct_set_attr_u16(ct, ATTR_PORT_DST, htons(10)); 768a44513648da0c5f5551f96b329cf56b66f5b303pkanwar 778a44513648da0c5f5551f96b329cf56b66f5b303pkanwar nfct_nlmsg_build(nlh, ct); 788a44513648da0c5f5551f96b329cf56b66f5b303pkanwar 798a44513648da0c5f5551f96b329cf56b66f5b303pkanwar ret = mnl_socket_sendto(nl, nlh, nlh->nlmsg_len); 808a44513648da0c5f5551f96b329cf56b66f5b303pkanwar if (ret == -1) { 818a44513648da0c5f5551f96b329cf56b66f5b303pkanwar perror("mnl_socket_recvfrom"); 828a44513648da0c5f5551f96b329cf56b66f5b303pkanwar exit(EXIT_FAILURE); 838a44513648da0c5f5551f96b329cf56b66f5b303pkanwar } 848a44513648da0c5f5551f96b329cf56b66f5b303pkanwar 858a44513648da0c5f5551f96b329cf56b66f5b303pkanwar ret = mnl_socket_recvfrom(nl, buf, sizeof(buf)); 868a44513648da0c5f5551f96b329cf56b66f5b303pkanwar while (ret > 0) { 878a44513648da0c5f5551f96b329cf56b66f5b303pkanwar ret = mnl_cb_run(buf, ret, seq, portid, data_cb, NULL); 888a44513648da0c5f5551f96b329cf56b66f5b303pkanwar if (ret <= MNL_CB_STOP) 898a44513648da0c5f5551f96b329cf56b66f5b303pkanwar break; 908a44513648da0c5f5551f96b329cf56b66f5b303pkanwar ret = mnl_socket_recvfrom(nl, buf, sizeof(buf)); 918a44513648da0c5f5551f96b329cf56b66f5b303pkanwar } 928a44513648da0c5f5551f96b329cf56b66f5b303pkanwar if (ret == -1) { 938a44513648da0c5f5551f96b329cf56b66f5b303pkanwar perror("mnl_socket_recvfrom"); 948a44513648da0c5f5551f96b329cf56b66f5b303pkanwar exit(EXIT_FAILURE); 958a44513648da0c5f5551f96b329cf56b66f5b303pkanwar } 968a44513648da0c5f5551f96b329cf56b66f5b303pkanwar 978a44513648da0c5f5551f96b329cf56b66f5b303pkanwar mnl_socket_close(nl); 988a44513648da0c5f5551f96b329cf56b66f5b303pkanwar 998a44513648da0c5f5551f96b329cf56b66f5b303pkanwar return 0; 1008a44513648da0c5f5551f96b329cf56b66f5b303pkanwar} 101