What's new

conntrack tool not work. maybe libnfnetlink problem


New Around Here
I have a RT-AC68U router and need to flush nat conntrack for some reasons.
I tried compiled conntrack tool and it does not work.
I have noticed that there exist libnfnetlink in router, so I tried below code to do a test:

#include "libnfnetlink/libnfnetlink.h"
#include <linux/netfilter/nfnetlink_conntrack.h>
#include <stdio.h>
#include <string.h>
#include <errno.h>

int main()
struct nfnl_handle *h = NULL;
struct nfnl_subsys_handle *ssh = NULL;

h = nfnl_open();
if(!h) {
printf("nfnl_open fail: %s\n", strerror(errno));
return -1;

ssh = nfnl_subsys_open(h, NFNL_SUBSYS_CTNETLINK, IPCTNL_MSG_MAX, 0);
if(!ssh) {
printf("nfnl_subsys_open fail: %s\n", strerror(errno));
return -1;

union {
char buffer[4096];
struct nfnlhdr req;
} u;

memset(&u, 0, sizeof(u));
nfnl_fill_hdr(ssh, &u.req.nlh, 0, AF_INET, 0, IPCTNL_MSG_CT_DELETE, NLM_F_REQUEST | NLM_F_ACK);

if(nfnl_query(h, &u.req.nlh) != 0) {
printf("nfnl_query fail: %s\n", strerror(errno));
else {
printf("nfnl_query success\n");

return 0;

nfnl_query() always return fail with error invalid arguement.
I have try this code on another linux based router and it work.

Anyone can help ?

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!