pynetfilter_conntrack examples #9

Open
hatu90 opened this issue Jul 27, 2016 · 5 comments


hatu90 commented Jul 27, 2016

Hi,
I have cloned your project and want to use it. However, I'm stuck on using Filter.
For example, if I want to get a result like "conntrack -L -p tcp -s 127.0.0.1", how can I use your library?


veerendra2 commented Jul 27, 2016

Hello,
You can find my answer here: http://stackoverflow.com/questions/27860646/how-to-use-pynetfilter-conntrack-library-of-python/38322050#38322050

Required Python Modules

  • "netifaces" (For this, first you should run "apt-get install python-dev")

```python
import netifaces
import pynetfilter_conntrack

# Open a handle to the kernel connection-tracking table
ct = pynetfilter_conntrack.Conntrack()

# Element [0] of the dump_table() result holds the IPv4 entries
for item in ct.dump_table(netifaces.AF_INET)[0]:
    # Original-direction source address and port, then reply-direction byte count
    print("%s %s %s" % (item.orig_ipv4_src, item.orig_port_src, item.repl_counter_bytes))
    print("===================")
```

I found a list of variables that we can print/get.

orig_ipv4_src
orig_ipv4_dst
repl_ipv4_src
repl_ipv4_dst

orig_port_src
orig_port_dst
repl_port_src
repl_port_dst

tcp_state
timeout
mark
use
status

orig_counter_packets
repl_counter_packets

orig_counter_bytes
repl_counter_bytes

orig_l3proto
orig_l4proto

icmp_type
icmp_code
icmp_id

Thanks,
Veerendra


hatu90 commented Jul 28, 2016

Hi Veerendra,
I understand your code, but what I want is the way we use the filter in pynetfilter_conntrack. Take conntrack-tools for example:
We can list the conntrack entries with the command "conntrack -L"
When we add more args or fields, we get fewer conntrack entries:
"conntrack -L -p tcp": Get all tcp conntrack entries
"conntrack -L -p tcp -s 127.0.0.1": Get all tcp conntrack entries from local host
....
My question is how we can implement these commands with pynetfilter_conntrack.

@veerendra2

Yes, we have the variables and we can display whatever we want, like if item.orig_ipv4_src == "127.0.0.1". And also check other variables to list only tcp (maybe the orig_l4proto variable? I haven't checked all)
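
The attribute-based filtering suggested in the comment above, written out as an added example (not part of the original thread or of pynetfilter_conntrack): a client-side equivalent of "conntrack -L -p tcp -s 127.0.0.1" over the entry attributes listed earlier. It assumes orig_l4proto holds the numeric IP protocol and that the address attributes render as dotted-quad text via str(); filter_entries, Entry and SAMPLE are hypothetical names and the sample entries are constructed.

```python
import socket
from collections import namedtuple

# Protocol names as accepted by "conntrack -p", mapped to IP protocol numbers.
PROTO = {"tcp": socket.IPPROTO_TCP, "udp": socket.IPPROTO_UDP,
         "icmp": socket.IPPROTO_ICMP}


def _match(entry, attr, wanted, cast):
    """True if no constraint was given or the attribute equals the wanted value."""
    if wanted is None:
        return True
    value = getattr(entry, attr, None)  # e.g. ICMP entries may lack ports
    return value is not None and cast(value) == wanted


def filter_entries(entries, proto=None, src=None, dst=None,
                   sport=None, dport=None):
    """Client-side "conntrack -L -p PROTO -s SRC -d DST --sport N --dport N".

    Assumption: orig_l4proto is the numeric protocol and the address
    attributes convert to dotted-quad text with str().
    """
    want_proto = None if proto is None else PROTO[proto.lower()]
    checks = [
        ("orig_l4proto", want_proto, int),
        ("orig_ipv4_src", src, str),
        ("orig_ipv4_dst", dst, str),
        ("orig_port_src", sport, int),
        ("orig_port_dst", dport, int),
    ]
    return [e for e in entries
            if all(_match(e, a, w, c) for a, w, c in checks)]


# Constructed sample entries standing in for ct.dump_table(...)[0].
Entry = namedtuple("Entry", "orig_l4proto orig_ipv4_src orig_ipv4_dst "
                            "orig_port_src orig_port_dst")
SAMPLE = [
    Entry(6, "127.0.0.1", "127.0.0.1", 51514, 5432),
    Entry(17, "127.0.0.1", "127.0.0.53", 40211, 53),
    Entry(6, "192.0.2.10", "198.51.100.7", 44321, 443),
    Entry(1, "127.0.0.1", "127.0.0.1", None, None),
]

if __name__ == "__main__":
    for e in filter_entries(SAMPLE, proto="tcp", src="127.0.0.1"):
        print("%s:%s -> %s:%s" % (e.orig_ipv4_src, e.orig_port_src,
                                  e.orig_ipv4_dst, e.orig_port_dst))
```

With a live table, pass ct.dump_table(netifaces.AF_INET)[0] in place of SAMPLE.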


uttu90 commented Oct 6, 2016

@veerendra2: Do you know how to use the Filter? Can it help?


uttu90 commented Oct 6, 2016

@regit: Could you show me how we can implement something like the conntrack-tools command "conntrack -D 10.1.2.3.4"? Thanks
