Netfilter-Devel Archive on
 help / color / Atom feed
* Correct usage of nf_ct_get
@ 2020-05-11 21:26 b38911 Zxc
  0 siblings, 0 replies; only message in thread
From: b38911 Zxc @ 2020-05-11 21:26 UTC (permalink / raw)
  To: netfilter-devel


I tried to post this in the User Mailing List, but may be this is a
better place.
I have a doubt on the correct usage of the conntrack func "nf_ct_get".
I'm calling it in this way in my netfilter, to track UDP traffic:

 -----<Code snippet>-----

       ct = nf_ct_get(skb, &ctinfo);
       if (ct == NULL)

 -----<Code snippet>-----

On some systems it just work. In some others I get the result as NULL
until I do something like

 # iptables -A OUTPUT -m conntrack --ctstate NEW,RELATED,ESTABLISHED -j ACCEPT

I understand that this is due to some module missing.
I did some additional investigations and it looks that what I'm looking
for can be accomplished with the call to


But this looks valid only for some 4.x kernel versions. From more
recent versions
it looks this has been removed. Anyone can point me to how to approach
this on newer

Thanks you so much for your help!

^ permalink raw reply	[flat|nested] only message in thread

only message in thread, back to index

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-05-11 21:26 Correct usage of nf_ct_get b38911 Zxc

Netfilter-Devel Archive on

Archives are clonable:
	git clone --mirror netfilter-devel/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 netfilter-devel netfilter-devel/ \
	public-inbox-index netfilter-devel

Example config snippet for mirrors

Newsgroup available over NNTP:

AGPL code for this site: git clone