libnetfilter_conntrack  1.0.6
ct_stress.c
1 /* simple tool to generate random of flow entries to fill hard the
2  conntrack table. Early drop will not save our day then, because
3  the table will be plenty of assured flows. If things go well,
4  we hit ENOMEM at some point.
5 
6  You have to use conntrack_events_reliable together with this tool.
7 */
8 
9 #include <stdio.h>
10 #include <stdlib.h>
11 #include <string.h>
12 #include <errno.h>
13 #include <arpa/inet.h>
14 #include <time.h>
15 
16 #include <libnetfilter_conntrack/libnetfilter_conntrack.h>
17 #include <libnetfilter_conntrack/libnetfilter_conntrack_tcp.h>
18 
19 int main(int argc, char *argv[])
20 {
21  time_t t;
22  int ret, i, j, r;
23  struct nfct_handle *h;
24  struct nf_conntrack *ct;
25 
26  if (argc < 2) {
27  fprintf(stderr, "Usage: %s [ct_table_size]\n", argv[0]);
28  exit(EXIT_FAILURE);
29  }
30 
31  time(&t);
32  srandom(t);
33  r = random();
34 
35  ct = nfct_new();
36  if (!ct) {
37  perror("nfct_new");
38  return 0;
39  }
40 
41  h = nfct_open(CONNTRACK, 0);
42  if (!h) {
43  perror("nfct_open");
44  nfct_destroy(ct);
45  return -1;
46  }
47 
48  for (i = r, j = 0;i < (r + atoi(argv[1]) * 2); i++, j++) {
49  nfct_set_attr_u8(ct, ATTR_L3PROTO, AF_INET);
50  nfct_set_attr_u32(ct, ATTR_IPV4_SRC, inet_addr("1.1.1.1") + i);
51  nfct_set_attr_u32(ct, ATTR_IPV4_DST, inet_addr("2.2.2.2") + i);
52 
53  nfct_set_attr_u8(ct, ATTR_L4PROTO, IPPROTO_TCP);
54  nfct_set_attr_u16(ct, ATTR_PORT_SRC, htons(10));
55  nfct_set_attr_u16(ct, ATTR_PORT_DST, htons(20));
56 
57  nfct_setobjopt(ct, NFCT_SOPT_SETUP_REPLY);
58 
59  nfct_set_attr_u8(ct, ATTR_TCP_STATE, TCP_CONNTRACK_ESTABLISHED);
60  nfct_set_attr_u32(ct, ATTR_TIMEOUT, 1000);
61  nfct_set_attr_u32(ct, ATTR_STATUS, IPS_ASSURED);
62 
63  if (i % 10000 == 0)
64  printf("added %d flow entries\n", j);
65 
66  ret = nfct_query(h, NFCT_Q_CREATE, ct);
67  if (ret == -1)
68  perror("nfct_query: ");
69  }
70  nfct_close(h);
71 
72  nfct_destroy(ct);
73 
74  exit(EXIT_SUCCESS);
75 }
void nfct_set_attr_u32(struct nf_conntrack *ct, const enum nf_conntrack_attr type, uint32_t value)
int nfct_query(struct nfct_handle *h, const enum nf_conntrack_query query, const void *data)
int nfct_close(struct nfct_handle *cth)
Definition: main.c:105
void nfct_destroy(struct nf_conntrack *ct)
Definition: conntrack/api.c:92
int nfct_setobjopt(struct nf_conntrack *ct, unsigned int option)
void nfct_set_attr_u16(struct nf_conntrack *ct, const enum nf_conntrack_attr type, uint16_t value)
struct nf_conntrack * nfct_new(void)
Definition: conntrack/api.c:75
void nfct_set_attr_u8(struct nf_conntrack *ct, const enum nf_conntrack_attr type, uint8_t value)
struct nfct_handle * nfct_open(uint8_t, unsigned)
Definition: main.c:84