Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 04 Aug 2017 17:33:48 -0700
From:      Cy Schubert <Cy.Schubert@komquats.com>
To:        Cy Schubert <cy@FreeBSD.org>
Cc:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   Re: svn commit: r322073 - head/sys/contrib/ipfilter/netinet
Message-ID:  <201708050033.v750Xm3F076876@slippy.cwsent.com>
In-Reply-To: Message from Cy Schubert <cy@FreeBSD.org> of "Sat, 05 Aug 2017 00:28:42 -0000." <201708050028.v750Sgsj015800@repo.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
In message <201708050028.v750Sgsj015800@repo.freebsd.org>, Cy Schubert 
writes:
> Author: cy
> Date: Sat Aug  5 00:28:42 2017
> New Revision: 322073
> URL: https://svnweb.freebsd.org/changeset/base/322073
> 
> Log:
>   Fix matchcing of NATed ICMP queries (resolving NATed MTU discovery).
>   
>   MFC after:	1 month

Obtained from: NetBSD r1.16
> 
> Modified:
>   head/sys/contrib/ipfilter/netinet/ip_nat.c
> 
> Modified: head/sys/contrib/ipfilter/netinet/ip_nat.c
> =============================================================================
> =
> --- head/sys/contrib/ipfilter/netinet/ip_nat.c	Fri Aug  4 23:34:39 201
> 7	(r322072)
> +++ head/sys/contrib/ipfilter/netinet/ip_nat.c	Sat Aug  5 00:28:42 201
> 7	(r322073)
> @@ -4100,13 +4100,8 @@ ipf_nat_inlookup(fin, flags, p, src, mapdst)
>  		dport = htons(fin->fin_data[1]);
>  		break;
>  	case IPPROTO_ICMP :
> -		if (flags & IPN_ICMPERR) {
> -			sport = fin->fin_data[1];
> -			dport = 0;
> -		} else {
> -			dport = fin->fin_data[1];
> -			sport = 0;
> -		}
> +		sport = 0;
> +		dport = fin->fin_data[1];
>  		break;
>  	default :
>  		sport = 0;
> @@ -4426,8 +4421,6 @@ ipf_nat_outlookup(fin, flags, p, src, dst)
>  
>  	ifp = fin->fin_ifp;
>  	sflags = flags & IPN_TCPUDPICMP;
> -	sport = 0;
> -	dport = 0;
>  
>  	switch (p)
>  	{
> @@ -4437,12 +4430,12 @@ ipf_nat_outlookup(fin, flags, p, src, dst)
>  		dport = htons(fin->fin_data[1]);
>  		break;
>  	case IPPROTO_ICMP :
> -		if (flags & IPN_ICMPERR)
> -			sport = fin->fin_data[1];
> -		else
> -			dport = fin->fin_data[1];
> +		sport = 0;
> +		dport = fin->fin_data[1];
>  		break;
>  	default :
> +		sport = 0;
> +		dport = 0;
>  		break;
>  	}
>  

-- 
Cheers,
Cy Schubert <Cy.Schubert@cschubert.com>
FreeBSD UNIX:  <cy@FreeBSD.org>   Web:  http://www.FreeBSD.org

	The need of the many outweighs the greed of the few.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201708050033.v750Xm3F076876>