Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/sys/external/bsd/ipf/netinet PR kern/47665
details: https://anonhg.NetBSD.org/src/rev/42690592db0f
branches: trunk
changeset: 330503:42690592db0f
user: darrenr <darrenr%NetBSD.org@localhost>
date: Sat Jul 12 14:54:32 2014 +0000
description:
PR kern/47665
For ICMP packets, use the "oicmpid" and "nicmpid" fields explicitly rather
than overloading those with "port" in them and expecting them to work.
diffstat:
sys/external/bsd/ipf/netinet/ip_nat.c | 40 ++++++++++++++++++++++++----------
1 files changed, 28 insertions(+), 12 deletions(-)
diffs (113 lines):
diff -r 18565aa19c2a -r 42690592db0f sys/external/bsd/ipf/netinet/ip_nat.c
--- a/sys/external/bsd/ipf/netinet/ip_nat.c Sat Jul 12 14:37:12 2014 +0000
+++ b/sys/external/bsd/ipf/netinet/ip_nat.c Sat Jul 12 14:54:32 2014 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: ip_nat.c,v 1.12 2014/06/28 08:02:09 darrenr Exp $ */
+/* $NetBSD: ip_nat.c,v 1.13 2014/07/12 14:54:32 darrenr Exp $ */
/*
* Copyright (C) 2012 by Darren Reed.
@@ -113,7 +113,7 @@
#if !defined(lint)
#if defined(__NetBSD__)
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ip_nat.c,v 1.12 2014/06/28 08:02:09 darrenr Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ip_nat.c,v 1.13 2014/07/12 14:54:32 darrenr Exp $");
#else
static const char sccsid[] = "@(#)ip_nat.c 1.11 6/5/96 (C) 1995 Darren Reed";
static const char rcsid[] = "@(#)Id: ip_nat.c,v 1.1.1.2 2012/07/22 13:45:27 darrenr Exp";
@@ -3443,7 +3443,7 @@
}
ret = ipf_nat_hashtab_add(softc, softn, nat);
- if (ret == -1)
+ if (ret != 0)
MUTEX_DESTROY(&nat->nat_lock);
return ret;
}
@@ -4081,7 +4081,7 @@
continue;
} else if (p == IPPROTO_ICMP) {
- if (nat->nat_osport != dport) {
+ if (nat->nat_oicmpid != dport) {
continue;
}
}
@@ -4106,7 +4106,7 @@
continue;
} else if (p == IPPROTO_ICMP) {
- if (nat->nat_osport != dport) {
+ if (nat->nat_nicmpid != dport) {
continue;
}
}
@@ -4408,7 +4408,7 @@
continue;
} else if (p == IPPROTO_ICMP) {
- if (nat->nat_osport != dport) {
+ if (nat->nat_nicmpid != dport) {
continue;
}
}
@@ -4428,7 +4428,7 @@
continue;
} else if (p == IPPROTO_ICMP) {
- if (nat->nat_osport != dport) {
+ if (nat->nat_oicmpid != dport) {
continue;
}
}
@@ -4818,7 +4818,6 @@
nflags = IPN_UDP;
break;
case IPPROTO_ICMP :
-
/*
* This is an incoming packet, so the destination is
* the icmp_id and the source port equals 0
@@ -5185,9 +5184,18 @@
}
}
- if ((nat->nat_nsport != 0) && (nflags & IPN_ICMPQUERY)) {
+ if ((nat->nat_oicmpid != 0) && (nflags & IPN_ICMPQUERY)) {
icmp = fin->fin_dp;
- icmp->icmp_id = nat->nat_nicmpid;
+
+ switch (nat->nat_dir)
+ {
+ case NAT_OUTBOUND :
+ icmp->icmp_id = nat->nat_nicmpid;
+ break;
+ case NAT_INBOUND :
+ icmp->icmp_id = nat->nat_oicmpid;
+ break;
+ }
}
csump = ipf_nat_proto(fin, nat, nflags);
@@ -5653,10 +5661,18 @@
}
- if ((nat->nat_odport != 0) && (nflags & IPN_ICMPQUERY)) {
+ if ((nat->nat_oicmpid != 0) && (nflags & IPN_ICMPQUERY)) {
icmp = fin->fin_dp;
- icmp->icmp_id = nat->nat_nicmpid;
+ switch (nat->nat_dir)
+ {
+ case NAT_INBOUND :
+ icmp->icmp_id = nat->nat_nicmpid;
+ break;
+ case NAT_OUTBOUND :
+ icmp->icmp_id = nat->nat_oicmpid;
+ break;
+ }
}
csump = ipf_nat_proto(fin, nat, nflags);
Home |
Main Index |
Thread Index |
Old Index