00001 #include <stdio.h>
00002 #include <stdlib.h>
00003 #include <string.h>
00004 #include <errno.h>
00005 #include <arpa/inet.h>
00006
00007 #include <libnetfilter_conntrack/libnetfilter_conntrack.h>
00008 #include <libnetfilter_conntrack/libnetfilter_conntrack_tcp.h>
00009
00010 int main(void)
00011 {
00012 int ret;
00013 struct nfct_handle *h;
00014 struct nf_conntrack *ct;
00015
00016 ct = nfct_new();
00017 if (!ct) {
00018 perror("nfct_new");
00019 return 0;
00020 }
00021
00022 nfct_set_attr_u8(ct, ATTR_L3PROTO, AF_INET);
00023 nfct_set_attr_u32(ct, ATTR_IPV4_SRC, inet_addr("1.1.1.1"));
00024 nfct_set_attr_u32(ct, ATTR_IPV4_DST, inet_addr("2.2.2.2"));
00025
00026 nfct_set_attr_u8(ct, ATTR_L4PROTO, IPPROTO_TCP);
00027 nfct_set_attr_u16(ct, ATTR_PORT_SRC, htons(20));
00028 nfct_set_attr_u16(ct, ATTR_PORT_DST, htons(10));
00029
00030 nfct_setobjopt(ct, NFCT_SOPT_SETUP_REPLY);
00031
00032 nfct_set_attr_u8(ct, ATTR_TCP_STATE, TCP_CONNTRACK_SYN_SENT);
00033 nfct_set_attr_u32(ct, ATTR_TIMEOUT, 600);
00034
00035 h = nfct_open(CONNTRACK, 0);
00036 if (!h) {
00037 perror("nfct_open");
00038 return -1;
00039 }
00040
00041 ret = nfct_query(h, NFCT_Q_UPDATE, ct);
00042
00043 printf("TEST: update conntrack ");
00044 if (ret == -1)
00045 printf("(%d)(%s)\n", ret, strerror(errno));
00046 else
00047 printf("(OK)\n");
00048
00049 nfct_close(h);
00050
00051 ret == -1 ? exit(EXIT_FAILURE) : exit(EXIT_SUCCESS);
00052 }
