Now we can use conntrack tool to get these info, but if I want to get these info in my program, how can I get conntrack info such as "conntrack -L". My program is running on user space, so kernel module is an unuseful choice. And use cmd mode will lack efficiency.

e.g. I use iptables nat to revert all the tcp connection of some users to port 10000, and my program is listening to this port, I want to get the original ports of the accepted tcp connection, so I need conntrack info.

You can do a couple of things. You could do it direct and messy, which is to say that you can run conntrack from within your C program, cause the results to be piped to a file, and then open that file from within your C program and process the results. Another variation of that would be to run conntrack periodically by the use of a script or service, monitor updates to an output log file or have a signal of some sort to your C program and then process the newest results. Another option is to download the conntrack sources and use the relevant parts of that within your own C program.