Bug 201519

Sat May 21 19:54:05 UTC 2016

Hi!

> I have patched and tested "case IPPROTO_UDP".  It works. Other cases 
> should work too I think.
> 
> It's against releng/10.3
> --- sys/netpfil/pf/pf.c.orig    2016-05-21 17:57:29.420602000 +0300
> +++ sys/netpfil/pf/pf.c 2016-05-21 18:01:09.119724000 +0300
> @@ -4866,8 +4866,7 @@ pf_test_state_icmp(struct pf_state **sta
>                                      &nk->addr[pd2.didx], pd2.af) ||
>                                      nk->port[pd2.didx] != uh.uh_dport)
>                                          pf_change_icmp(pd2.dst, 
> &uh.uh_dport,
> -                                           NULL, /* XXX Inbound NAT? */
> - &nk->addr[pd2.didx],
> +                                           saddr, &nk->addr[pd2.didx],
>                                              nk->port[pd2.didx], &uh.uh_sum,
>                                              pd2.ip_sum, icmpsum,
>                                              pd->ip_sum, 1, pd2.af);
> 

Can you add this patch to the PR you mention ?

-- 
pi at opsec.eu            +49 171 3101372                         4 years to go !