netfilter-devel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: b38911 Zxc <b38911@gmail.com>
To: netfilter-devel@vger.kernel.org
Subject: Correct usage of nf_ct_get
Date: Mon, 11 May 2020 21:26:04 +0000	[thread overview]
Message-ID: <CACWCkhBm0yNnm=Jt0Kq+mbO-mOK7nyDfvTi+CEU6s7OVHs0Azw@mail.gmail.com> (raw)

Hello.

I tried to post this in the User Mailing List, but may be this is a
better place.
I have a doubt on the correct usage of the conntrack func "nf_ct_get".
I'm calling it in this way in my netfilter, to track UDP traffic:

 -----<Code snippet>-----

       ct = nf_ct_get(skb, &ctinfo);
       if (ct == NULL)
       ...

 -----<Code snippet>-----

On some systems it just work. In some others I get the result as NULL
until I do something like

 # iptables -A OUTPUT -m conntrack --ctstate NEW,RELATED,ESTABLISHED -j ACCEPT

I understand that this is due to some module missing.
I did some additional investigations and it looks that what I'm looking
for can be accomplished with the call to

nf_ct_l3proto_try_module_get

But this looks valid only for some 4.x kernel versions. From more
recent versions
it looks this has been removed. Anyone can point me to how to approach
this on newer
kernels?

Thanks you so much for your help!
CC

                 reply	other threads:[~2020-05-11 21:26 UTC|newest]

Thread overview: [no followups] expand[flat|nested]  mbox.gz  Atom feed

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CACWCkhBm0yNnm=Jt0Kq+mbO-mOK7nyDfvTi+CEU6s7OVHs0Azw@mail.gmail.com' \
    --to=b38911@gmail.com \
    --cc=netfilter-devel@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).