00001 #include <stdio.h>
00002 #include <stdlib.h>
00003 #include <string.h>
00004 #include <errno.h>
00005 #include <arpa/inet.h>
00006
00007 #include <libnetfilter_conntrack/libnetfilter_conntrack.h>
00008 #include <libnetfilter_conntrack/libnetfilter_conntrack_tcp.h>
00009
00010 int main(void)
00011 {
00012 int ret;
00013 struct nfct_handle *h;
00014 struct nf_conntrack *ct;
00015
00016 ct = nfct_new();
00017 if (!ct) {
00018 perror("nfct_new");
00019 return 0;
00020 }
00021
00022 nfct_set_attr_u8(ct, ATTR_L3PROTO, AF_INET);
00023 nfct_set_attr_u32(ct, ATTR_IPV4_SRC, inet_addr("1.1.1.1"));
00024 nfct_set_attr_u32(ct, ATTR_IPV4_DST, inet_addr("2.2.2.2"));
00025
00026 nfct_set_attr_u8(ct, ATTR_L4PROTO, IPPROTO_TCP);
00027 nfct_set_attr_u16(ct, ATTR_PORT_SRC, htons(20));
00028 nfct_set_attr_u16(ct, ATTR_PORT_DST, htons(10));
00029
00030 h = nfct_open(CONNTRACK, 0);
00031 if (!h) {
00032 perror("nfct_open");
00033 return -1;
00034 }
00035
00036 ret = nfct_query(h, NFCT_Q_DESTROY, ct);
00037
00038 printf("TEST: delete conntrack ");
00039 if (ret == -1)
00040 printf("(%d)(%s)\n", ret, strerror(errno));
00041 else
00042 printf("(OK)\n");
00043
00044 nfct_close(h);
00045
00046 ret == -1 ? exit(EXIT_FAILURE) : exit(EXIT_SUCCESS);
00047 }
