From: Pablo Neira Ayuso <pablo@netfilter.org>
To: switcher <switcher@linuxwall.info>
Cc: netfilter@lists.netfilter.org
Subject: Re: nfct_query return code
Date: Fri, 22 Jun 2007 09:08:57 +0200
Message-ID: <467B7589.4090802@netfilter.org>
In-Reply-To: <20070621225343.mzl7x1joxx4w4s4g@webmail.microgate.fr>
switcher wrote:
> Hi All,
> Just a little question about nfct_query used to check the state of a connection.
> What is it supposed to return ?
> I guess it's 0 if the packet is part of an active connection (tell me if I'm
> wrong) but what does a "-1" value mean ? An error or a packet seen for the
> first time ?
>
> For information, my piece (truncated) of code :
> ct = nfct_new();
> nfct_set_attr_u8(ct, ATTR_ORIG_L3PROTO, AF_INET);
> nfct_set_attr_u32(ct, ATTR_ORIG_IPV4_SRC, iph->saddr);
> nfct_set_attr_u32(ct, ATTR_ORIG_IPV4_DST, iph->daddr);
> nfct_set_attr_u8(ct, ATTR_ORIG_L4PROTO, iph->protocol);
> nfct_set_attr_u16(ct, ATTR_ORIG_PORT_SRC, tcp->source);
> nfct_set_attr_u16(ct, ATTR_ORIG_PORT_DST, tcp->dest);
> cth = nfct_open(CONNTRACK, 0);
> nfct_callback_register(cth, NFCT_T_ALL, cb, NULL);
> conn_state = nfct_query(cth, NFCT_Q_GET, ct);
> nfct_close(cth);
> return conn_state;
No, you get it in the callback that is invoked if it finds such object
that you're requesting, otherwise nfct_query returns -1 and errno is set
to ENOENT:
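static int cb(enum nf_conntrack_msg_type type,
	      struct nf_conntrack *ct, void *data)
{
	/* Runs only when the requested conntrack object was found. */
	if (nfct_attr_is_set(ct, ATTR_TCP_STATE))
		conn_state = nfct_get_attr_u8(ct, ATTR_TCP_STATE); /* TCP state is a u8 attribute */
	return NFCT_CB_CONTINUE;
}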
--
The dawn of the fourth age of Linux firewalling is coming; a time of
great struggle and heroic deeds -- J.Kadlecsik got inspired by J.Morris