I have an RT-AC68U router and need to flush the NAT conntrack table for some reasons.
I tried a compiled conntrack tool, but it does not work.
I noticed that libnfnetlink is present on the router, so I tried the code below as a test:
#include "libnfnetlink/libnfnetlink.h"
#include <linux/netfilter/nfnetlink_conntrack.h>
#include <stdio.h>
#include <string.h>
#include <errno.h>
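/*
 * Test program: send a conntrack DELETE request for the IPv4 family to the
 * kernel through libnfnetlink and report whether the kernel acknowledged it.
 *
 * The request carries only the nfnetlink header (no tuple attributes).
 * NOTE(review): presumably the kernel treats an attribute-less DELETE as
 * "flush the whole table" -- confirm against the router's kernel source.
 * If it does, every tracked IPv4 flow (including NAT mappings of live
 * connections) loses its state, so run this deliberately.
 * NOTE(review): modifying conntrack over netlink normally needs
 * CAP_NET_ADMIN (root on most router firmware) -- confirm for this firmware.
 *
 * Returns 0 when the kernel ACKs the request, -1 on any failure.
 */
int main(void)
{
    int rc = -1;
    struct nfnl_handle *h = NULL;
    struct nfnl_subsys_handle *ssh = NULL;
    union {
        char buffer[4096];      /* backing storage for the netlink message */
        struct nfnlhdr req;
    } u;

    h = nfnl_open();
    if (!h) {
        fprintf(stderr, "nfnl_open fail: %s\n", strerror(errno));
        return -1;
    }

    ssh = nfnl_subsys_open(h, NFNL_SUBSYS_CTNETLINK, IPCTNL_MSG_MAX, 0);
    if (!ssh) {
        fprintf(stderr, "nfnl_subsys_open fail: %s\n", strerror(errno));
        goto out_close;
    }

    memset(&u, 0, sizeof(u));
    /* NLM_F_ACK makes the kernel answer, so nfnl_query() can report its verdict. */
    nfnl_fill_hdr(ssh, &u.req.nlh, 0, AF_INET, 0, IPCTNL_MSG_CT_DELETE,
                  NLM_F_REQUEST | NLM_F_ACK);

    if (nfnl_query(h, &u.req.nlh) != 0) {
        /* Report the failure through the exit status too, not only the text. */
        fprintf(stderr, "nfnl_query fail: %s\n", strerror(errno));
        goto out_subsys;
    }

    printf("nfnl_query success\n");
    rc = 0;

out_subsys:
    nfnl_subsys_close(ssh);
out_close:
    /* Release the netlink socket on every path once it has been opened. */
    nfnl_close(h);
    return rc;
}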
nfnl_query() always fails with the error "Invalid argument" (EINVAL).
I have tried this code on another Linux-based router and it works there.
Can anyone help?
I tried a compiled conntrack tool, but it does not work.
I noticed that libnfnetlink is present on the router, so I tried the code below as a test:
#include "libnfnetlink/libnfnetlink.h"
#include <linux/netfilter/nfnetlink_conntrack.h>
#include <stdio.h>
#include <string.h>
#include <errno.h>
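/*
 * Test program: issue an IPCTNL_MSG_CT_DELETE request for AF_INET over
 * libnfnetlink and print whether the kernel accepted it.
 *
 * Only the nfnetlink header is sent; no conntrack tuple is attached.
 * NOTE(review): an attribute-less DELETE is presumably interpreted as a
 * table flush -- verify on the target kernel. A flush discards state for
 * all tracked IPv4 flows, interrupting connections that depend on NAT.
 * NOTE(review): expected to require CAP_NET_ADMIN -- confirm on the router.
 *
 * Exit status: 0 if the kernel acknowledged the request, -1 otherwise.
 */
int main(void)
{
    int status = -1;
    struct nfnl_subsys_handle *ssh = NULL;
    struct nfnl_handle *h = nfnl_open();

    if (!h) {
        fprintf(stderr, "nfnl_open fail: %s\n", strerror(errno));
        return -1;
    }

    ssh = nfnl_subsys_open(h, NFNL_SUBSYS_CTNETLINK, IPCTNL_MSG_MAX, 0);
    if (!ssh) {
        fprintf(stderr, "nfnl_subsys_open fail: %s\n", strerror(errno));
    } else {
        union {
            char buffer[4096];  /* room for the request message */
            struct nfnlhdr req;
        } u;

        memset(&u, 0, sizeof(u));
        /* Ask for an ACK so a kernel-side rejection surfaces as an error. */
        nfnl_fill_hdr(ssh, &u.req.nlh, 0, AF_INET, 0, IPCTNL_MSG_CT_DELETE,
                      NLM_F_REQUEST | NLM_F_ACK);

        if (nfnl_query(h, &u.req.nlh) == 0) {
            printf("nfnl_query success\n");
            status = 0;
        } else {
            /* Keep status at -1 so callers and scripts see the failure. */
            fprintf(stderr, "nfnl_query fail: %s\n", strerror(errno));
        }

        nfnl_subsys_close(ssh);
    }

    /* The handle owns the netlink socket; close it on all paths. */
    nfnl_close(h);
    return status;
}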
nfnl_query() always fails with the error "Invalid argument" (EINVAL).
I have tried this code on another Linux-based router and it works there.
Can anyone help?