What's new

conntrack tool not work. maybe libnfnetlink problem

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!


New Around Here
I have a RT-AC68U router and need to flush nat conntrack for some reasons.
I tried compiled conntrack tool and it does not work.
I have noticed that there exist libnfnetlink in router, so I tried below code to do a test:

#include "libnfnetlink/libnfnetlink.h"
#include <linux/netfilter/nfnetlink_conntrack.h>
#include <stdio.h>
#include <string.h>
#include <errno.h>

int main()
struct nfnl_handle *h = NULL;
struct nfnl_subsys_handle *ssh = NULL;

h = nfnl_open();
if(!h) {
printf("nfnl_open fail: %s\n", strerror(errno));
return -1;

ssh = nfnl_subsys_open(h, NFNL_SUBSYS_CTNETLINK, IPCTNL_MSG_MAX, 0);
if(!ssh) {
printf("nfnl_subsys_open fail: %s\n", strerror(errno));
return -1;

union {
char buffer[4096];
struct nfnlhdr req;
} u;

memset(&u, 0, sizeof(u));
nfnl_fill_hdr(ssh, &u.req.nlh, 0, AF_INET, 0, IPCTNL_MSG_CT_DELETE, NLM_F_REQUEST | NLM_F_ACK);

if(nfnl_query(h, &u.req.nlh) != 0) {
printf("nfnl_query fail: %s\n", strerror(errno));
else {
printf("nfnl_query success\n");

return 0;

nfnl_query() always return fail with error invalid arguement.
I have try this code on another linux based router and it work.

Anyone can help ?

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!