svn commit: r322073 - head/sys/contrib/ipfilter/netinet
Cy Schubert
cy at FreeBSD.org
Sat Aug 5 00:28:43 UTC 2017
Author: cy
Date: Sat Aug 5 00:28:42 2017
New Revision: 322073
URL: https://svnweb.freebsd.org/changeset/base/322073
Log:
Fix matchcing of NATed ICMP queries (resolving NATed MTU discovery).
MFC after: 1 month
Modified:
head/sys/contrib/ipfilter/netinet/ip_nat.c
Modified: head/sys/contrib/ipfilter/netinet/ip_nat.c
==============================================================================
--- head/sys/contrib/ipfilter/netinet/ip_nat.c Fri Aug 4 23:34:39 2017 (r322072)
+++ head/sys/contrib/ipfilter/netinet/ip_nat.c Sat Aug 5 00:28:42 2017 (r322073)
@@ -4100,13 +4100,8 @@ ipf_nat_inlookup(fin, flags, p, src, mapdst)
dport = htons(fin->fin_data[1]);
break;
case IPPROTO_ICMP :
- if (flags & IPN_ICMPERR) {
- sport = fin->fin_data[1];
- dport = 0;
- } else {
- dport = fin->fin_data[1];
- sport = 0;
- }
+ sport = 0;
+ dport = fin->fin_data[1];
break;
default :
sport = 0;
@@ -4426,8 +4421,6 @@ ipf_nat_outlookup(fin, flags, p, src, dst)
ifp = fin->fin_ifp;
sflags = flags & IPN_TCPUDPICMP;
- sport = 0;
- dport = 0;
switch (p)
{
@@ -4437,12 +4430,12 @@ ipf_nat_outlookup(fin, flags, p, src, dst)
dport = htons(fin->fin_data[1]);
break;
case IPPROTO_ICMP :
- if (flags & IPN_ICMPERR)
- sport = fin->fin_data[1];
- else
- dport = fin->fin_data[1];
+ sport = 0;
+ dport = fin->fin_data[1];
break;
default :
+ sport = 0;
+ dport = 0;
break;
}
More information about the svn-src-all
mailing list