00001
00002
00003
00004
00005
00006
00007
00008 #include "internal/internal.h"
00009
00010 static void __parse_ip(const struct nfattr *attr,
00011 struct __nfct_tuple *tuple,
00012 const int dir,
00013 u_int32_t *set)
00014 {
00015 struct nfattr *tb[CTA_IP_MAX];
00016
00017 nfnl_parse_nested(tb, CTA_IP_MAX, attr);
00018
00019 if (tb[CTA_IP_V4_SRC-1]) {
00020 tuple->src.v4 = *(u_int32_t *)NFA_DATA(tb[CTA_IP_V4_SRC-1]);
00021 switch(dir) {
00022 case __DIR_ORIG:
00023 set_bit(ATTR_ORIG_IPV4_SRC, set);
00024 break;
00025 case __DIR_REPL:
00026 set_bit(ATTR_REPL_IPV4_SRC, set);
00027 break;
00028 case __DIR_MASTER:
00029 set_bit(ATTR_MASTER_IPV4_SRC, set);
00030 break;
00031 }
00032 }
00033
00034 if (tb[CTA_IP_V4_DST-1]) {
00035 tuple->dst.v4 = *(u_int32_t *)NFA_DATA(tb[CTA_IP_V4_DST-1]);
00036 switch(dir) {
00037 case __DIR_ORIG:
00038 set_bit(ATTR_ORIG_IPV4_DST, set);
00039 break;
00040 case __DIR_REPL:
00041 set_bit(ATTR_REPL_IPV4_DST, set);
00042 break;
00043 case __DIR_MASTER:
00044 set_bit(ATTR_MASTER_IPV4_DST, set);
00045 break;
00046 }
00047 }
00048
00049 if (tb[CTA_IP_V6_SRC-1]) {
00050 memcpy(&tuple->src.v6, NFA_DATA(tb[CTA_IP_V6_SRC-1]),
00051 sizeof(struct in6_addr));
00052 switch(dir) {
00053 case __DIR_ORIG:
00054 set_bit(ATTR_ORIG_IPV6_SRC, set);
00055 break;
00056 case __DIR_REPL:
00057 set_bit(ATTR_REPL_IPV6_SRC, set);
00058 break;
00059 case __DIR_MASTER:
00060 set_bit(ATTR_MASTER_IPV6_SRC, set);
00061 break;
00062 }
00063 }
00064
00065 if (tb[CTA_IP_V6_DST-1]) {
00066 memcpy(&tuple->dst.v6, NFA_DATA(tb[CTA_IP_V6_DST-1]),
00067 sizeof(struct in6_addr));
00068 switch(dir) {
00069 case __DIR_ORIG:
00070 set_bit(ATTR_ORIG_IPV6_DST, set);
00071 break;
00072 case __DIR_REPL:
00073 set_bit(ATTR_REPL_IPV6_DST, set);
00074 break;
00075 case __DIR_MASTER:
00076 set_bit(ATTR_MASTER_IPV6_DST, set);
00077 break;
00078 }
00079 }
00080 }
00081
00082 static void __parse_proto(const struct nfattr *attr,
00083 struct __nfct_tuple *tuple,
00084 const int dir,
00085 u_int32_t *set)
00086 {
00087 struct nfattr *tb[CTA_PROTO_MAX];
00088
00089 nfnl_parse_nested(tb, CTA_PROTO_MAX, attr);
00090
00091 if (tb[CTA_PROTO_NUM-1]) {
00092 tuple->protonum = *(u_int8_t *)NFA_DATA(tb[CTA_PROTO_NUM-1]);
00093 switch(dir) {
00094 case __DIR_ORIG:
00095 set_bit(ATTR_ORIG_L4PROTO, set);
00096 break;
00097 case __DIR_REPL:
00098 set_bit(ATTR_REPL_L4PROTO, set);
00099 break;
00100 case __DIR_MASTER:
00101 set_bit(ATTR_MASTER_L4PROTO, set);
00102 break;
00103 }
00104 }
00105
00106 if (tb[CTA_PROTO_SRC_PORT-1]) {
00107 tuple->l4src.tcp.port =
00108 *(u_int16_t *)NFA_DATA(tb[CTA_PROTO_SRC_PORT-1]);
00109 switch(dir) {
00110 case __DIR_ORIG:
00111 set_bit(ATTR_ORIG_PORT_SRC, set);
00112 break;
00113 case __DIR_REPL:
00114 set_bit(ATTR_REPL_PORT_SRC, set);
00115 break;
00116 case __DIR_MASTER:
00117 set_bit(ATTR_MASTER_PORT_SRC, set);
00118 break;
00119 }
00120 }
00121
00122 if (tb[CTA_PROTO_DST_PORT-1]) {
00123 tuple->l4dst.tcp.port =
00124 *(u_int16_t *)NFA_DATA(tb[CTA_PROTO_DST_PORT-1]);
00125 switch(dir) {
00126 case __DIR_ORIG:
00127 set_bit(ATTR_ORIG_PORT_DST, set);
00128 break;
00129 case __DIR_REPL:
00130 set_bit(ATTR_REPL_PORT_DST, set);
00131 break;
00132 case __DIR_MASTER:
00133 set_bit(ATTR_MASTER_PORT_DST, set);
00134 break;
00135 }
00136 }
00137
00138 if (tb[CTA_PROTO_ICMP_TYPE-1]) {
00139 tuple->l4dst.icmp.type =
00140 *(u_int8_t *)NFA_DATA(tb[CTA_PROTO_ICMP_TYPE-1]);
00141 set_bit(ATTR_ICMP_TYPE, set);
00142 }
00143
00144 if (tb[CTA_PROTO_ICMP_CODE-1]) {
00145 tuple->l4dst.icmp.code =
00146 *(u_int8_t *)NFA_DATA(tb[CTA_PROTO_ICMP_CODE-1]);
00147 set_bit(ATTR_ICMP_CODE, set);
00148 }
00149
00150 if (tb[CTA_PROTO_ICMP_ID-1]) {
00151 tuple->l4src.icmp.id =
00152 *(u_int16_t *)NFA_DATA(tb[CTA_PROTO_ICMP_ID-1]);
00153 set_bit(ATTR_ICMP_ID, set);
00154 }
00155
00156 if (tb[CTA_PROTO_ICMPV6_TYPE-1]) {
00157 tuple->l4dst.icmp.type =
00158 *(u_int8_t *)NFA_DATA(tb[CTA_PROTO_ICMPV6_TYPE-1]);
00159 set_bit(ATTR_ICMP_TYPE, set);
00160 }
00161
00162 if (tb[CTA_PROTO_ICMPV6_CODE-1]) {
00163 tuple->l4dst.icmp.code =
00164 *(u_int8_t *)NFA_DATA(tb[CTA_PROTO_ICMPV6_CODE-1]);
00165 set_bit(ATTR_ICMP_CODE, set);
00166 }
00167
00168 if (tb[CTA_PROTO_ICMPV6_ID-1]) {
00169 tuple->l4src.icmp.id =
00170 *(u_int16_t *)NFA_DATA(tb[CTA_PROTO_ICMPV6_ID-1]);
00171 set_bit(ATTR_ICMP_ID, set);
00172 }
00173 }
00174
00175 void __parse_tuple(const struct nfattr *attr,
00176 struct __nfct_tuple *tuple,
00177 int dir,
00178 u_int32_t *set)
00179 {
00180 struct nfattr *tb[CTA_TUPLE_MAX];
00181
00182 nfnl_parse_nested(tb, CTA_TUPLE_MAX, attr);
00183
00184 if (tb[CTA_TUPLE_IP-1])
00185 __parse_ip(tb[CTA_TUPLE_IP-1], tuple, dir, set);
00186 if (tb[CTA_TUPLE_PROTO-1])
00187 __parse_proto(tb[CTA_TUPLE_PROTO-1], tuple, dir, set);
00188 }
00189
00190 static void __parse_protoinfo_tcp(const struct nfattr *attr,
00191 struct nf_conntrack *ct)
00192 {
00193 struct nfattr *tb[CTA_PROTOINFO_TCP_MAX];
00194
00195 nfnl_parse_nested(tb, CTA_PROTOINFO_TCP_MAX, attr);
00196
00197 if (tb[CTA_PROTOINFO_TCP_STATE-1]) {
00198 ct->protoinfo.tcp.state =
00199 *(u_int8_t *)NFA_DATA(tb[CTA_PROTOINFO_TCP_STATE-1]);
00200 set_bit(ATTR_TCP_STATE, ct->set);
00201 }
00202
00203 if (tb[CTA_PROTOINFO_TCP_WSCALE_ORIGINAL-1]) {
00204 memcpy(&ct->protoinfo.tcp.wscale[__DIR_ORIG],
00205 NFA_DATA(tb[CTA_PROTOINFO_TCP_WSCALE_ORIGINAL-1]),
00206 sizeof(u_int8_t));
00207 set_bit(ATTR_TCP_WSCALE_ORIG, ct->set);
00208 }
00209
00210 if (tb[CTA_PROTOINFO_TCP_WSCALE_REPLY-1]) {
00211 memcpy(&ct->protoinfo.tcp.wscale[__DIR_REPL],
00212 NFA_DATA(tb[CTA_PROTOINFO_TCP_WSCALE_REPLY-1]),
00213 sizeof(u_int8_t));
00214 set_bit(ATTR_TCP_WSCALE_REPL, ct->set);
00215 }
00216
00217 if (tb[CTA_PROTOINFO_TCP_FLAGS_ORIGINAL-1]) {
00218 memcpy(&ct->protoinfo.tcp.flags[0],
00219 NFA_DATA(tb[CTA_PROTOINFO_TCP_FLAGS_ORIGINAL-1]),
00220 sizeof(u_int16_t));
00221 set_bit(ATTR_TCP_FLAGS_ORIG, ct->set);
00222 set_bit(ATTR_TCP_MASK_ORIG, ct->set);
00223 }
00224
00225 if (tb[CTA_PROTOINFO_TCP_FLAGS_REPLY-1]) {
00226 memcpy(&ct->protoinfo.tcp.flags[1],
00227 NFA_DATA(tb[CTA_PROTOINFO_TCP_FLAGS_REPLY-1]),
00228 sizeof(u_int16_t));
00229 set_bit(ATTR_TCP_FLAGS_REPL, ct->set);
00230 set_bit(ATTR_TCP_MASK_REPL, ct->set);
00231 }
00232 }
00233
00234 static void __parse_protoinfo_sctp(const struct nfattr *attr,
00235 struct nf_conntrack *ct)
00236 {
00237 struct nfattr *tb[CTA_PROTOINFO_SCTP_MAX];
00238
00239 nfnl_parse_nested(tb, CTA_PROTOINFO_SCTP_MAX, attr);
00240
00241 if (tb[CTA_PROTOINFO_SCTP_STATE-1]) {
00242 ct->protoinfo.sctp.state =
00243 *(u_int8_t *)NFA_DATA(tb[CTA_PROTOINFO_SCTP_STATE-1]);
00244 set_bit(ATTR_SCTP_STATE, ct->set);
00245 }
00246
00247 if (tb[CTA_PROTOINFO_SCTP_VTAG_ORIGINAL-1]) {
00248 ct->protoinfo.sctp.vtag[__DIR_ORIG] =
00249 ntohl(*(u_int32_t *)NFA_DATA(tb[CTA_PROTOINFO_SCTP_VTAG_ORIGINAL-1]));
00250 set_bit(ATTR_SCTP_VTAG_ORIG, ct->set);
00251 }
00252
00253 if (tb[CTA_PROTOINFO_SCTP_VTAG_REPLY-1]) {
00254 ct->protoinfo.sctp.vtag[__DIR_REPL] =
00255 ntohl(*(u_int32_t *)NFA_DATA(tb[CTA_PROTOINFO_SCTP_VTAG_REPLY-1]));
00256 set_bit(ATTR_SCTP_VTAG_REPL, ct->set);
00257 }
00258
00259 }
00260
00261 static void __parse_protoinfo_dccp(const struct nfattr *attr,
00262 struct nf_conntrack *ct)
00263 {
00264 struct nfattr *tb[CTA_PROTOINFO_DCCP_MAX];
00265
00266 nfnl_parse_nested(tb, CTA_PROTOINFO_DCCP_MAX, attr);
00267
00268 if (tb[CTA_PROTOINFO_DCCP_STATE-1]) {
00269 ct->protoinfo.dccp.state =
00270 *(u_int8_t *)NFA_DATA(tb[CTA_PROTOINFO_DCCP_STATE-1]);
00271 set_bit(ATTR_DCCP_STATE, ct->set);
00272 }
00273 if (tb[CTA_PROTOINFO_DCCP_ROLE-1]) {
00274 ct->protoinfo.dccp.role =
00275 *(u_int8_t *)NFA_DATA(tb[CTA_PROTOINFO_DCCP_ROLE-1]);
00276 set_bit(ATTR_DCCP_ROLE, ct->set);
00277 }
00278 if (tb[CTA_PROTOINFO_DCCP_HANDSHAKE_SEQ-1]) {
00279 u_int64_t tmp;
00280 memcpy(&tmp,
00281 NFA_DATA(tb[CTA_PROTOINFO_DCCP_HANDSHAKE_SEQ-1]),
00282 sizeof(tmp));
00283 ct->protoinfo.dccp.handshake_seq = __be64_to_cpu(tmp);
00284 set_bit(ATTR_DCCP_HANDSHAKE_SEQ, ct->set);
00285 }
00286 }
00287
00288 static void __parse_protoinfo(const struct nfattr *attr,
00289 struct nf_conntrack *ct)
00290 {
00291 struct nfattr *tb[CTA_PROTOINFO_MAX];
00292
00293 nfnl_parse_nested(tb, CTA_PROTOINFO_MAX, attr);
00294
00295 if (tb[CTA_PROTOINFO_TCP-1])
00296 __parse_protoinfo_tcp(tb[CTA_PROTOINFO_TCP-1], ct);
00297
00298 if (tb[CTA_PROTOINFO_SCTP-1])
00299 __parse_protoinfo_sctp(tb[CTA_PROTOINFO_SCTP-1], ct);
00300
00301 if (tb[CTA_PROTOINFO_DCCP-1])
00302 __parse_protoinfo_dccp(tb[CTA_PROTOINFO_DCCP-1], ct);
00303 }
00304
00305 static void __parse_counters(const struct nfattr *attr,
00306 struct nf_conntrack *ct,
00307 int dir)
00308 {
00309 struct nfattr *tb[CTA_COUNTERS_MAX];
00310
00311 nfnl_parse_nested(tb, CTA_COUNTERS_MAX, attr);
00312 if (tb[CTA_COUNTERS_PACKETS-1] || tb[CTA_COUNTERS32_PACKETS-1]) {
00313
00314 if (tb[CTA_COUNTERS32_PACKETS-1])
00315 ct->counters[dir].packets
00316 = ntohl(*(u_int32_t *)
00317 NFA_DATA(tb[CTA_COUNTERS32_PACKETS-1]));
00318
00319 if (tb[CTA_COUNTERS_PACKETS-1]) {
00320 u_int64_t tmp;
00321 memcpy(&tmp,
00322 NFA_DATA(tb[CTA_COUNTERS_PACKETS-1]),
00323 sizeof(tmp));
00324 ct->counters[dir].packets = __be64_to_cpu(tmp);
00325 }
00326
00327 switch(dir) {
00328 case __DIR_ORIG:
00329 set_bit(ATTR_ORIG_COUNTER_PACKETS, ct->set);
00330 break;
00331 case __DIR_REPL:
00332 set_bit(ATTR_REPL_COUNTER_PACKETS, ct->set);
00333 break;
00334 }
00335 }
00336 if (tb[CTA_COUNTERS_BYTES-1] || tb[CTA_COUNTERS32_BYTES-1]) {
00337
00338 if (tb[CTA_COUNTERS32_BYTES-1])
00339 ct->counters[dir].bytes
00340 = ntohl(*(u_int32_t *)
00341 NFA_DATA(tb[CTA_COUNTERS32_BYTES-1]));
00342
00343 if (tb[CTA_COUNTERS_BYTES-1]) {
00344 u_int64_t tmp;
00345 memcpy(&tmp,
00346 NFA_DATA(tb[CTA_COUNTERS_BYTES-1]),
00347 sizeof(tmp));
00348 ct->counters[dir].bytes = __be64_to_cpu(tmp);
00349 }
00350
00351 switch(dir) {
00352 case __DIR_ORIG:
00353 set_bit(ATTR_ORIG_COUNTER_BYTES, ct->set);
00354 break;
00355 case __DIR_REPL:
00356 set_bit(ATTR_REPL_COUNTER_BYTES, ct->set);
00357 break;
00358 }
00359 }
00360 }
00361
00362 static void
00363 __parse_nat_seq(const struct nfattr *attr, struct nf_conntrack *ct, int dir)
00364 {
00365 struct nfattr *tb[CTA_NAT_SEQ_MAX];
00366
00367 nfnl_parse_nested(tb, CTA_NAT_SEQ_MAX, attr);
00368
00369 if (tb[CTA_NAT_SEQ_CORRECTION_POS-1]) {
00370 ct->tuple[dir].natseq.correction_pos =
00371 ntohl(*(u_int32_t *)NFA_DATA(tb[CTA_NAT_SEQ_CORRECTION_POS-1]));
00372 switch(dir) {
00373 case __DIR_ORIG:
00374 set_bit(ATTR_ORIG_NAT_SEQ_CORRECTION_POS, ct->set);
00375 break;
00376 case __DIR_REPL:
00377 set_bit(ATTR_REPL_NAT_SEQ_CORRECTION_POS, ct->set);
00378 break;
00379 }
00380 }
00381
00382 if (tb[CTA_NAT_SEQ_OFFSET_BEFORE-1]) {
00383 ct->tuple[dir].natseq.offset_before =
00384 ntohl(*(u_int32_t *)NFA_DATA(tb[CTA_NAT_SEQ_OFFSET_BEFORE-1]));
00385 switch(dir) {
00386 case __DIR_ORIG:
00387 set_bit(ATTR_ORIG_NAT_SEQ_OFFSET_BEFORE, ct->set);
00388 break;
00389 case __DIR_REPL:
00390 set_bit(ATTR_REPL_NAT_SEQ_OFFSET_BEFORE, ct->set);
00391 break;
00392 }
00393 }
00394
00395 if (tb[CTA_NAT_SEQ_OFFSET_AFTER-1]) {
00396 ct->tuple[dir].natseq.offset_after =
00397 ntohl(*(u_int32_t *)NFA_DATA(tb[CTA_NAT_SEQ_OFFSET_AFTER-1]));
00398 switch(dir) {
00399 case __DIR_ORIG:
00400 set_bit(ATTR_ORIG_NAT_SEQ_OFFSET_AFTER, ct->set);
00401 break;
00402 case __DIR_REPL:
00403 set_bit(ATTR_REPL_NAT_SEQ_OFFSET_AFTER, ct->set);
00404 break;
00405 }
00406 }
00407 }
00408
00409 static void
00410 __parse_helper(const struct nfattr *attr, struct nf_conntrack *ct)
00411 {
00412 struct nfattr *tb[CTA_HELP_MAX];
00413
00414 nfnl_parse_nested(tb, CTA_HELP_MAX, attr);
00415 if (!tb[CTA_HELP_NAME-1])
00416 return;
00417
00418 strncpy(ct->helper_name,
00419 NFA_DATA(tb[CTA_HELP_NAME-1]),
00420 __NFCT_HELPER_NAMELEN);
00421 ct->helper_name[__NFCT_HELPER_NAMELEN-1] = '\0';
00422 set_bit(ATTR_HELPER_NAME, ct->set);
00423 }
00424
00425 static void
00426 __parse_secctx(const struct nfattr *attr, struct nf_conntrack *ct)
00427 {
00428 struct nfattr *tb[CTA_SECCTX_MAX];
00429
00430 nfnl_parse_nested(tb, CTA_SECCTX_MAX, attr);
00431 if (!tb[CTA_SECCTX_NAME-1])
00432 return;
00433
00434 ct->secctx = strdup(NFA_DATA(tb[CTA_SECCTX-1]));
00435 if (ct->secctx)
00436 set_bit(ATTR_SECCTX, ct->set);
00437 }
00438
00439 int __parse_message_type(const struct nlmsghdr *nlh)
00440 {
00441 u_int16_t type = NFNL_MSG_TYPE(nlh->nlmsg_type);
00442 u_int16_t flags = nlh->nlmsg_flags;
00443 int ret = NFCT_T_UNKNOWN;
00444
00445 if (type == IPCTNL_MSG_CT_NEW) {
00446 if (flags & (NLM_F_CREATE|NLM_F_EXCL))
00447 ret = NFCT_T_NEW;
00448 else
00449 ret = NFCT_T_UPDATE;
00450 } else if (type == IPCTNL_MSG_CT_DELETE)
00451 ret = NFCT_T_DESTROY;
00452
00453 return ret;
00454 }
00455
00456 void __parse_conntrack(const struct nlmsghdr *nlh,
00457 struct nfattr *cda[],
00458 struct nf_conntrack *ct)
00459 {
00460 struct nfgenmsg *nfhdr = NLMSG_DATA(nlh);
00461
00462 if (cda[CTA_TUPLE_ORIG-1]) {
00463 ct->tuple[__DIR_ORIG].l3protonum = nfhdr->nfgen_family;
00464 set_bit(ATTR_ORIG_L3PROTO, ct->set);
00465
00466 __parse_tuple(cda[CTA_TUPLE_ORIG-1],
00467 &ct->tuple[__DIR_ORIG], __DIR_ORIG, ct->set);
00468 }
00469
00470 if (cda[CTA_TUPLE_REPLY-1]) {
00471 ct->tuple[__DIR_REPL].l3protonum = nfhdr->nfgen_family;
00472 set_bit(ATTR_REPL_L3PROTO, ct->set);
00473
00474 __parse_tuple(cda[CTA_TUPLE_REPLY-1],
00475 &ct->tuple[__DIR_REPL], __DIR_REPL, ct->set);
00476 }
00477
00478 if (cda[CTA_TUPLE_MASTER-1]) {
00479 ct->tuple[__DIR_MASTER].l3protonum = nfhdr->nfgen_family;
00480 set_bit(ATTR_MASTER_L3PROTO, ct->set);
00481
00482 __parse_tuple(cda[CTA_TUPLE_MASTER-1],
00483 &ct->tuple[__DIR_MASTER], __DIR_MASTER, ct->set);
00484 }
00485
00486 if (cda[CTA_NAT_SEQ_ADJ_ORIG-1])
00487 __parse_nat_seq(cda[CTA_NAT_SEQ_ADJ_ORIG-1], ct, __DIR_ORIG);
00488
00489 if (cda[CTA_NAT_SEQ_ADJ_REPLY-1])
00490 __parse_nat_seq(cda[CTA_NAT_SEQ_ADJ_REPLY-1], ct, __DIR_REPL);
00491
00492 if (cda[CTA_STATUS-1]) {
00493 ct->status = ntohl(*(u_int32_t *)NFA_DATA(cda[CTA_STATUS-1]));
00494 set_bit(ATTR_STATUS, ct->set);
00495 }
00496
00497 if (cda[CTA_PROTOINFO-1])
00498 __parse_protoinfo(cda[CTA_PROTOINFO-1], ct);
00499
00500 if (cda[CTA_TIMEOUT-1]) {
00501 ct->timeout = ntohl(*(u_int32_t *)NFA_DATA(cda[CTA_TIMEOUT-1]));
00502 set_bit(ATTR_TIMEOUT, ct->set);
00503 }
00504
00505 if (cda[CTA_MARK-1]) {
00506 ct->mark = ntohl(*(u_int32_t *)NFA_DATA(cda[CTA_MARK-1]));
00507 set_bit(ATTR_MARK, ct->set);
00508 }
00509
00510 if (cda[CTA_SECMARK-1]) {
00511 ct->secmark = ntohl(*(u_int32_t *)NFA_DATA(cda[CTA_SECMARK-1]));
00512 set_bit(ATTR_SECMARK, ct->set);
00513 }
00514
00515 if (cda[CTA_COUNTERS_ORIG-1])
00516 __parse_counters(cda[CTA_COUNTERS_ORIG-1], ct, __DIR_ORIG);
00517
00518 if (cda[CTA_COUNTERS_REPLY-1])
00519 __parse_counters(cda[CTA_COUNTERS_REPLY-1], ct, __DIR_REPL);
00520
00521 if (cda[CTA_USE-1]) {
00522 ct->use = ntohl(*(u_int32_t *)NFA_DATA(cda[CTA_USE-1]));
00523 set_bit(ATTR_USE, ct->set);
00524 }
00525
00526 if (cda[CTA_ID-1]) {
00527 ct->id = ntohl(*(u_int32_t *)NFA_DATA(cda[CTA_ID-1]));
00528 set_bit(ATTR_ID, ct->set);
00529 }
00530
00531 if (cda[CTA_HELP-1])
00532 __parse_helper(cda[CTA_HELP-1], ct);
00533
00534 if (cda[CTA_ZONE-1]) {
00535 ct->zone = ntohs(*(u_int16_t *)NFA_DATA(cda[CTA_ZONE-1]));
00536 set_bit(ATTR_ZONE, ct->set);
00537 }
00538
00539 if (cda[CTA_SECCTX-1])
00540 __parse_secctx(cda[CTA_SECCTX-1], ct);
00541 }
