Re: [PATCH] ct-event API port to 2.6.11

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Amin Azez <azez@ufomechanic.net>
To: netfilter-devel@lists.netfilter.org
Subject: Re: [PATCH] ct-event API port to 2.6.11
Date: Fri, 08 Apr 2005 16:07:27 +0100	[thread overview]
Message-ID: <42569E2F.3070802@ufomechanic.net> (raw)
In-Reply-To: <42567D15.8090102@eurodev.net>

The procedure I outline below is not complete;

I found that I can't set CONFIG_NETFILTER_NETLINK in the config file using
make xconfig (which I use to sanity check .config done by hand)

beause of this, IP_NF_CONNTRACK_NETLINK cannot be set, and so 
ip_conntrack_netlink.c is never compiled.

CONFIG_NETFILTER_NETLINK is available from 
linux-2.6.11.6/net/netfilter/Kconfig (as opposed to ipv4/netfilter/Kconfig)

For some reason it has spaces instead of tabs in it (most Kconfig have 
tabs) but even if I fix this I still can't get NETFILTER_NETLINK to show 
in the gui kernel config tools, which indicates something is wrong.

Amin

Pablo Neira wrote:
> Amin Azez wrote:
> 
>> Thanks for the patches Pablo, they seemed to do the trick.
>> ctnl_del_conntrack has been expanded to 3 args, should I be using 
>> CTA_UNSPEC or CTA_ORIG or CTA_STATUS as the 3rd arg on line 118 of 
>> ctnltest.c?
> 
> 
> +int ctnl_del_conntrack(struct ctnl_handle *cth,
> +                      struct ip_conntrack_tuple *tuple,
> +                      enum ctattr_type_t t)
> 
> The 3rd arguments says if you're referring to CTA_ORIG or CTA_RPLY. So 
> you can kill conntracks based on the direction.
> 
> This stuff is under development so nobody can't assure that the API will 
> change in future.
> 
>> ctnl_del_conntrack(cth, NFA_DATA(cb[CTA_ORIG]),XXXXX);
>>
>> For the record, to help those who follow, to get libctnetlink and 
>> libnfnetlink working, here are the instructions.
>>
>> 1) unpack the pristine kernel sources of 2.6.11
>> 2) apply pablos patches from 
>> http://people.netfilter.org/pablo/patches/nfnetlink-conntrack-0.50-2.6.11/ 
>>
>> 3) build and install your kernel & modules with all the right NF 
>> options enabled
>> 4) unpack a recent libctnetlink from 
>> ftp://ftp.netfilter.org/pub/libctnetlink/snapshot/
>> 5) run:
>>   automake-1.4
>>   autoconf
>> 6) unpack a recent libnfnetlink from 
>> ftp://ftp.netfilter.org/pub/libnfnetlink/snapshot/
>> make a symlink from libnfnetlink-2005xxxx to libnfnetlink so that 
>> libctnetlink can find it
>> 7) run:
>>   automake-1.4
>>   autoconf
>> 8) inside the libctnetlink dir
>> ./configure
>> make
>> make install
>> 9) inside the libnfnetlink dir
>> ./configure
>> make
>> make install
> 
> 
> Thanks, people surely would appreciate this to save time.
> 
>> Attached is my candidate patch for ctnltest.c which can be compiled with:
> 
> 
> fix ctnl_del_conntrack, CTA_UNSPEC isn't ok as 3rd param.
> 
> -- 
> Pablo
> 
>

next prev parent reply	other threads:[~2005-04-08 15:07 UTC|newest]

Thread overview: 22+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2005-03-27 23:55 [PATCH] ct-event API port to 2.6.11 Pablo Neira
2005-04-03 17:42 ` Patrick McHardy
2005-04-06 16:03   ` Amin Azez
2005-04-06 18:11     ` Pablo Neira
2005-04-07  4:17       ` Wang Jian
2005-04-07 12:34       ` Amin Azez
2005-04-07 14:21       ` Amin Azez
2005-04-07 16:28         ` Amin Azez
2005-04-08  9:15           ` Amin Azez
     [not found]             ` <42564FAA.2050302@eurodev.net>
     [not found]               ` <425658A8.6050200@ufomechanic.net>
2005-04-08 10:19                 ` Pablo Neira
2005-04-08 12:29                   ` Amin Azez
2005-04-08 12:46                     ` Pablo Neira
2005-04-08 13:50                       ` Amin Azez
2005-04-08 15:07                       ` Amin Azez [this message]
2005-04-08 15:13                         ` Amin Azez
2005-04-08 15:54                           ` Amin Azez
2005-04-10 20:45       ` Harald Welte
2005-04-12 14:50         ` Pablo Neira
2005-04-12 15:00           ` Pablo Neira
2005-04-18 10:48             ` Amin Azez
2005-04-18 11:13               ` Wang Jian
2005-04-18 11:06         ` Amin Azez

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=42569E2F.3070802@ufomechanic.net \
    --to=azez@ufomechanic.net \
    --cc=netfilter-devel@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.