Example of using libnfnetlink_conntrack ?

From: Philip Prindeville
Date: Wed Nov 12 2008 - 22:03:32 EST

Is there a good example of writing an apps that plumbs NATting holes on an edge device (in this case, adding NATting for SDP/RTP in Asterisk), or is the utils/ directory in the source about as good an example as I'm going to find?

Also, how does one handle the case where you're in the middle (you're the ALG), you've just received an outbound packet, and you want to tie both endpoints together (external and internal), but you don't yet know what the internal source port number is going to be mapped to as it goes outbound, and you need to know this (for instance, to markup the media section of a SIP INVITE message, with the correct port numbers of the SDP/RTP association)? Is there a way to ask the kernel to get you a free port number for a given association?



P.S. Is there an issue with people.netfilter.org? I just tried to grab http://people.netfilter.org/pablo/docs/login.pdf from two different networks, and got timeouts from both...

