Alan Ezust wrote:
> Anyway, I'm still not quite sure what my problem is
with building conntrack.
> I have an older executable that I somehow built
successfully, and I can make
> my currently needed changes to libnetfilter_conntrack
and run the original
> executable against my patched versions, so I am able to
proceed for now, but
> it would be so nice to know why my conntrack builds are
always creating
> executables that HANG here:
>
> libnetfilter_conntrack.c
> int nfct_event_conntrack(struct nfct_handle *cth)
> {
> cth->handler = nfct_conntrack_netlink_handler;
> return nfnl_listen(cth->nfnlh,
&callback_handler, cth); // NEVER RETURNS FROM
> HERE
> }
It's *not* hanging, nfnl_listen blocks waiting to receive
events from
kernel space, this is the *expected behaviour*. Make sure
you have
enabled the conntrack event API.
--
The dawn of the fourth age of Linux firewalling is coming; a
time of
great struggle and heroic deeds -- J.Kadlecsik got inspired
by J.Morris
|