conntrack mark question

Thomas Graf tgraf at infradead.org
Tue Sep 20 09:23:04 EDT 2011


On Mon, Sep 19, 2011 at 11:47:26PM +0200, Stijn Souffriau wrote:
> Hello all,
> 
> I would like to change the conntrack mark of a connection using
> libnl. I have managed to query and delete connections using the
> *nfnl_ct_query* and *nfnl_ct_del* functions but I haven't succeeded
> yet in modifying a connection. I believe that *nfnl_ct_add* would
> allow me to do this but despite returning NLE_SUCCESS I see no
> change in the mark.
> 
> Some of my code:
> ...
> nfnl_ct_set_family ( ct_object, AF_INET ); // IPv4
> nfnl_ct_set_proto ( ct_object, 6 ); // TCP
> nfnl_ct_set_src ( ct_object, 0, src_addr );
> nfnl_ct_set_dst ( ct_object, 0, dest_addr );
> nfnl_ct_set_src_port( ct_object, 0, src_port );
> nfnl_ct_set_dst_port( ct_object, 0, dst_port );
> nfnl_ct_set_mark( ct_object, mark );
> nfnl_ct_add(nfnl_conntrack_sock, ct_object, NLM_F_REQUEST|NLM_F_ACK);
> ...
> 
> Note that if I use these attributes, except for the mark, in a query
> then I receive the connection whose mark I meant to change.

Can you run your program with NLCB=debug ./program and post the output?


