Find the answer to your Linux question:
Results 1 to 2 of 2
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1

    Question How can I get conntrack info by C function?


    Now we can use conntrack tool to get these info, but if I want to get the info in my program, how can I get conntrack info likes "conntrack -L". My program will be running on user space, so kernel module is an unuseful choice. And use cmd mode will lack efficiency.

    I now use iptables nat to revert all the tcp connections of some users to port 10000, and my program is listening to this port. I want to get the original IP/Port of the accepted tcp connection, so I need conntrack info.

  2. #2
    Linux User
    Join Date
    Jun 2012
    Location
    SF Bay area
    Posts
    312
    -->
    Two suggestions...

    First, any process can see basic information, including the IP/port on both ends of the connection, by reading /proc/net/tcp or /proc/net/tcp6 (for IPv6). The file format of that particular /proc file is pretty straight forward so parsing it isn't that tricky. If you need more information related to the connections, like info on the local process involved, then you would need to read other files and connect the two bits of information. That's more of a pain. But since you said you just want the IP/port, you don't need to do that extra work.

    Second, your question seems to imply that your code is the one handling the connections on the port you care about. If that's the case it's even easier. In your code, you can call getpeername() to find the IP of the other end of a socket.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •