00001 #include <stdio.h>
00002 #include <stdlib.h>
00003 #include <string.h>
00004 #include <errno.h>
00005 #include <arpa/inet.h>
00006
00007 #include <libnetfilter_conntrack/libnetfilter_conntrack.h>
00008 #include <libnetfilter_conntrack/libnetfilter_conntrack_tcp.h>
00009
00010 int main(void)
00011 {
00012 int ret;
00013 struct nfct_handle *h;
00014 struct nf_conntrack *ct;
00015
00016 ct = nfct_new();
00017 if (!ct) {
00018 perror("nfct_new");
00019 return 0;
00020 }
00021
00022 nfct_set_attr_u8(ct, ATTR_L3PROTO, AF_INET);
00023 nfct_set_attr_u32(ct, ATTR_IPV4_SRC, inet_addr("1.1.1.1"));
00024 nfct_set_attr_u32(ct, ATTR_IPV4_DST, inet_addr("2.2.2.2"));
00025
00026 nfct_set_attr_u8(ct, ATTR_L4PROTO, IPPROTO_TCP);
00027 nfct_set_attr_u16(ct, ATTR_PORT_SRC, htons(20));
00028 nfct_set_attr_u16(ct, ATTR_PORT_DST, htons(10));
00029
00030 nfct_setobjopt(ct, NFCT_SOPT_SETUP_REPLY);
00031
00032 nfct_set_attr_u8(ct, ATTR_TCP_STATE, TCP_CONNTRACK_SYN_SENT);
00033 nfct_set_attr_u32(ct, ATTR_TIMEOUT, 100);
00034
00035 nfct_set_attr_u32(ct, ATTR_SNAT_IPV4, inet_addr("8.8.8.8"));
00036
00037 h = nfct_open(CONNTRACK, 0);
00038 if (!h) {
00039 perror("nfct_open");
00040 return -1;
00041 }
00042
00043 ret = nfct_query(h, NFCT_Q_CREATE, ct);
00044
00045 printf("TEST: create conntrack ");
00046 if (ret == -1)
00047 printf("(%d)(%s)\n", ret, strerror(errno));
00048 else
00049 printf("(OK)\n");
00050
00051 nfct_close(h);
00052
00053 ret == -1 ? exit(EXIT_FAILURE) : exit(EXIT_SUCCESS);
00054 }
