Fix serializing Zone field in nestAttributes

joyent · Jun 10, 2022 · bf29989 · bf29989
1 parent 6b680b0
commit bf29989
Show file tree

Hide file tree

Showing 3 changed files with 109 additions and 2 deletions.
diff --git a/example/example b/example/example
diff --git a/example/main.go b/example/main.go
@@ -13,7 +13,9 @@ import (
 )
 
 func main() {
-	ExampleUpdate()
+	//ExampleUpdate()
+
+	ExampleNfct_Dump()
 }
 
 func ExampleEvent() {
@@ -53,6 +55,89 @@ func ExampleEvent() {
 
 }
 
+func dumpCon(con *ct.Con) {
+	org := con.Origin
+
+	src := org.Src.String()
+	dst := org.Dst.String()
+	proto := org.Proto
+
+	var sp, dp uint16
+	var zone uint16
+	var mark uint32
+
+	if con.Zone != nil {
+		zone = *con.Zone
+	}
+
+	if con.Mark != nil {
+		mark = *con.Mark
+	}
+
+	if proto.SrcPort != nil {
+		sp = *proto.SrcPort
+	}
+
+	if proto.DstPort != nil {
+		dp = *proto.DstPort
+	}
+
+	var label []byte
+	if con.Label != nil {
+		label = *con.Label
+	}
+
+	fmt.Printf(">>> con:%+v, org:%+v, reply: %+v \n", con, con.Origin, con.Reply)
+
+	if *proto.Number == 1 {
+		var id uint16
+		var t, c uint8
+
+		if proto.IcmpID != nil {
+			id = *proto.IcmpID
+		}
+
+		if proto.IcmpType != nil {
+			t = *proto.IcmpType
+		}
+
+		if proto.IcmpCode != nil {
+			c = *proto.IcmpCode
+		}
+
+		fmt.Printf(">>> %s => %s, id=%d, type=%d, code=%d, zone=%d, mark=%d, label=%v \n",
+			src, dst, id, t, c, zone, mark, label)
+
+	} else {
+		fmt.Printf(">>> %s:%d => %s:%d, zone=%d, mark=%d, label=%v \n", src, sp, dst, dp, zone, mark, label)
+	}
+}
+
+func updateCon(nfct *ct.Nfct, con *ct.Con) {
+
+	fmt.Printf("### Update con \n")
+	timestamp := uint32(time.Now().Unix())
+
+	label := make([]byte, 16)
+	binary.LittleEndian.PutUint32(label[1:5], timestamp)
+	label[0] = 33
+
+	labelMask := make([]byte, 16)
+	binary.LittleEndian.PutUint32(labelMask[1:5], ^uint32(0))
+	labelMask[0] = 0xff
+
+	con.Label = &label
+	con.LabelMask = &labelMask
+
+	con.Reply = nil
+	con.Mark = nil
+
+	err := nfct.Update(ct.Conntrack, ct.IPv4, *con)
+	if err != nil {
+		fmt.Println("### error UpdateBatch:", err)
+	}
+}
+
 func ExampleNfct_Dump() {
 	nfct, err := ct.Open(&ct.Config{})
 	if err != nil {
@@ -68,7 +153,18 @@ func ExampleNfct_Dump() {
 	}
 
 	for _, session := range sessions {
-		fmt.Printf("%#v\n", session)
+
+		if *session.Origin.Proto.Number == 6 &&
+			*session.Origin.Proto.DstPort == 22 {
+			dumpCon(&session)
+			updateCon(nfct, &session)
+		}
+
+		if session.Label != nil {
+			//dumpCon(&session)
+			//fmt.Printf("%#v\n", session)
+			//fmt.Printf("### Label: %+v \n", session.Label)
+		}
 	}
 }
 

diff --git a/nest.go b/nest.go
@@ -17,6 +17,7 @@ func nestAttributes(logger *log.Logger, filters *Con) ([]byte, error) {
 		}
 		ae.Bytes(ctaTupleOrig|nlafNested, data)
 	}
+
 	if filters.Reply != nil {
 		data, err := marshalIPTuple(logger, filters.Reply)
 		if err != nil {
@@ -30,6 +31,7 @@ func nestAttributes(logger *log.Logger, filters *Con) ([]byte, error) {
 		ae.Uint32(ctaID, *filters.ID)
 		ae.ByteOrder = nativeEndian
 	}
+
 	if filters.Mark != nil {
 		ae.ByteOrder = binary.BigEndian
 		ae.Uint32(ctaMark, *filters.Mark)
@@ -47,18 +49,21 @@ func nestAttributes(logger *log.Logger, filters *Con) ([]byte, error) {
 		ae.Uint32(ctaTimeout, *filters.Timeout)
 		ae.ByteOrder = nativeEndian
 	}
+
 	if filters.Status != nil {
 		ae.ByteOrder = binary.BigEndian
 		ae.Uint32(ctaStatus, *filters.Status)
 		ae.ByteOrder = nativeEndian
 	}
+
 	if filters.ProtoInfo != nil {
 		data, err := marshalProtoInfo(logger, filters.ProtoInfo)
 		if err != nil {
 			return []byte{}, err
 		}
 		ae.Bytes(ctaProtoinfo|nlafNested, data)
 	}
+
 	if filters.Helper != nil {
 		data, err := marshalHelper(logger, filters.Helper)
 		if err != nil {
@@ -89,6 +94,12 @@ func nestAttributes(logger *log.Logger, filters *Con) ([]byte, error) {
 		}
 	}
 
+	if filters.Zone != nil {
+		ae.ByteOrder = binary.BigEndian
+		ae.Uint16(ctaZone, *filters.Zone)
+		ae.ByteOrder = nativeEndian
+	}
+
 	return ae.Encode()
 }