[NETFILTER]: nf_conntrack_sctp: basic cleanups

	for_each_sctp_chunk (skb, sch, _sch, offset, dataoff, count) {

		pr_debug("Chunk Num: %d  Type: %d\n", count, sch->type);

		if (sch->type == SCTP_CID_INIT

			|| sch->type == SCTP_CID_INIT_ACK

			|| sch->type == SCTP_CID_SHUTDOWN_COMPLETE) {

		if (sch->type == SCTP_CID_INIT ||

		    sch->type == SCTP_CID_INIT_ACK ||

		    sch->type == SCTP_CID_SHUTDOWN_COMPLETE)

			flag = 1;

		}

		/*

		 * Cookie Ack/Echo chunks not the first OR

		 * Init / Init Ack / Shutdown compl chunks not the only chunks

		 * OR zero-length.

		 */

		if (((sch->type == SCTP_CID_COOKIE_ACK

			|| sch->type == SCTP_CID_COOKIE_ECHO

			|| flag)

		      && count !=0) || !sch->length) {

		if (((sch->type == SCTP_CID_COOKIE_ACK ||

		      sch->type == SCTP_CID_COOKIE_ECHO ||

		      flag) &&

		     count != 0) || !sch->length) {

			pr_debug("Basic checks failed\n");

			return 1;

		}

		if (map) {

		if (map)

			set_bit(sch->type, (void *)map);

	}

	}

	pr_debug("Basic checks passed\n");

	return count == 0;

	switch (chunk_type) {

	case SCTP_CID_INIT:

		pr_debug("SCTP_CID_INIT\n");

			i = 0; break;

		i = 0;

		break;

	case SCTP_CID_INIT_ACK:

		pr_debug("SCTP_CID_INIT_ACK\n");

			i = 1; break;

		i = 1;

		break;

	case SCTP_CID_ABORT:

		pr_debug("SCTP_CID_ABORT\n");

			i = 2; break;

		i = 2;

		break;

	case SCTP_CID_SHUTDOWN:

		pr_debug("SCTP_CID_SHUTDOWN\n");

			i = 3; break;

		i = 3;

		break;

	case SCTP_CID_SHUTDOWN_ACK:

		pr_debug("SCTP_CID_SHUTDOWN_ACK\n");

			i = 4; break;

		i = 4;

		break;

	case SCTP_CID_ERROR:

		pr_debug("SCTP_CID_ERROR\n");

			i = 5; break;

		i = 5;

		break;

	case SCTP_CID_COOKIE_ECHO:

		pr_debug("SCTP_CID_COOKIE_ECHO\n");

			i = 6; break;

		i = 6;

		break;

	case SCTP_CID_COOKIE_ACK:

		pr_debug("SCTP_CID_COOKIE_ACK\n");

			i = 7; break;

		i = 7;

		break;

	case SCTP_CID_SHUTDOWN_COMPLETE:

		pr_debug("SCTP_CID_SHUTDOWN_COMPLETE\n");

			i = 8; break;

		i = 8;

		break;

	default:

		/* Other chunks like DATA, SACK, HEARTBEAT and

		its ACK do not cause a change in state */

		return -1;

	/* Check the verification tag (Sec 8.5) */

	if (!test_bit(SCTP_CID_INIT, (void *)map)

		&& !test_bit(SCTP_CID_SHUTDOWN_COMPLETE, (void *)map)

		&& !test_bit(SCTP_CID_COOKIE_ECHO, (void *)map)

		&& !test_bit(SCTP_CID_ABORT, (void *)map)

		&& !test_bit(SCTP_CID_SHUTDOWN_ACK, (void *)map)

		&& (sh->vtag != conntrack->proto.sctp.vtag[CTINFO2DIR(ctinfo)])) {

	if (!test_bit(SCTP_CID_INIT, (void *)map) &&

	    !test_bit(SCTP_CID_SHUTDOWN_COMPLETE, (void *)map) &&

	    !test_bit(SCTP_CID_COOKIE_ECHO, (void *)map) &&

	    !test_bit(SCTP_CID_ABORT, (void *)map) &&

	    !test_bit(SCTP_CID_SHUTDOWN_ACK, (void *)map) &&

	    sh->vtag != conntrack->proto.sctp.vtag[CTINFO2DIR(ctinfo)]) {

		pr_debug("Verification tag check failed\n");

		return -1;

	}

			}

		} else if (sch->type == SCTP_CID_ABORT) {

			/* Sec 8.5.1 (B) */

			if (!(sh->vtag == conntrack->proto.sctp.vtag[CTINFO2DIR(ctinfo)])

				&& !(sh->vtag == conntrack->proto.sctp.vtag

							[1 - CTINFO2DIR(ctinfo)])) {

			if (sh->vtag != conntrack->proto.sctp.vtag[CTINFO2DIR(ctinfo)] &&

			    sh->vtag != conntrack->proto.sctp.vtag[1 - CTINFO2DIR(ctinfo)]) {

				write_unlock_bh(&sctp_lock);

				return -1;

			}

		} else if (sch->type == SCTP_CID_SHUTDOWN_COMPLETE) {

			/* Sec 8.5.1 (C) */

			if (!(sh->vtag == conntrack->proto.sctp.vtag[CTINFO2DIR(ctinfo)])

				&& !(sh->vtag == conntrack->proto.sctp.vtag

							[1 - CTINFO2DIR(ctinfo)]

					&& (sch->flags & 1))) {

			if (sh->vtag != conntrack->proto.sctp.vtag[CTINFO2DIR(ctinfo)] &&

			    sh->vtag != conntrack->proto.sctp.vtag[1 - CTINFO2DIR(ctinfo)] &&

			    (sch->flags & 1)) {

				write_unlock_bh(&sctp_lock);

				return -1;

			}

		} else if (sch->type == SCTP_CID_COOKIE_ECHO) {

			/* Sec 8.5.1 (D) */

			if (!(sh->vtag == conntrack->proto.sctp.vtag[CTINFO2DIR(ctinfo)])) {

			if (sh->vtag != conntrack->proto.sctp.vtag[CTINFO2DIR(ctinfo)]) {

				write_unlock_bh(&sctp_lock);

				return -1;

			}

		}

		/* If it is an INIT or an INIT ACK note down the vtag */

		if (sch->type == SCTP_CID_INIT

			|| sch->type == SCTP_CID_INIT_ACK) {

		if (sch->type == SCTP_CID_INIT ||

		    sch->type == SCTP_CID_INIT_ACK) {

			sctp_inithdr_t _inithdr, *ih;

			ih = skb_header_pointer(skb, offset + sizeof(sctp_chunkhdr_t),

	nf_ct_refresh_acct(conntrack, ctinfo, skb, *sctp_timeouts[newconntrack]);

	if (oldsctpstate == SCTP_CONNTRACK_COOKIE_ECHOED

		&& CTINFO2DIR(ctinfo) == IP_CT_DIR_REPLY

		&& newconntrack == SCTP_CONNTRACK_ESTABLISHED) {

	if (oldsctpstate == SCTP_CONNTRACK_COOKIE_ECHOED &&

	    CTINFO2DIR(ctinfo) == IP_CT_DIR_REPLY &&

	    newconntrack == SCTP_CONNTRACK_ESTABLISHED) {

		pr_debug("Setting assured bit\n");

		set_bit(IPS_ASSURED_BIT, &conntrack->status);

		nf_conntrack_event_cache(IPCT_STATUS, skb);

		return 0;

	/* If an OOTB packet has any of these chunks discard (Sec 8.4) */

	if ((test_bit (SCTP_CID_ABORT, (void *)map))

		|| (test_bit (SCTP_CID_SHUTDOWN_COMPLETE, (void *)map))

		|| (test_bit (SCTP_CID_COOKIE_ACK, (void *)map))) {

	if (test_bit (SCTP_CID_ABORT, (void *)map) ||

	    test_bit (SCTP_CID_SHUTDOWN_COMPLETE, (void *)map) ||

	    test_bit (SCTP_CID_COOKIE_ACK, (void *)map))

		return 0;

	}

	newconntrack = SCTP_CONNTRACK_MAX;

	for_each_sctp_chunk (skb, sch, _sch, offset, dataoff, count) {