From owner-svn-src-head@FreeBSD.ORG Sun Oct 5 03:58:31 2014 Return-Path: Delivered-To: svn-src-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C9EA7776; Sun, 5 Oct 2014 03:58:31 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B5369B2A; Sun, 5 Oct 2014 03:58:31 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id s953wV8X020748; Sun, 5 Oct 2014 03:58:31 GMT (envelope-from cy@FreeBSD.org) Received: (from cy@localhost) by svn.freebsd.org (8.14.9/8.14.9/Submit) id s953wVRv020747; Sun, 5 Oct 2014 03:58:31 GMT (envelope-from cy@FreeBSD.org) Message-Id: <201410050358.s953wVRv020747@svn.freebsd.org> X-Authentication-Warning: svn.freebsd.org: cy set sender to cy@FreeBSD.org using -f From: Cy Schubert Date: Sun, 5 Oct 2014 03:58:31 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r272555 - head/sys/contrib/ipfilter/netinet X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 05 Oct 2014 03:58:31 -0000 Author: cy Date: Sun Oct 5 03:58:30 2014 New Revision: 272555 URL: https://svnweb.freebsd.org/changeset/base/272555 Log: ipfilter bug #537 NAT rules with sticky have incorrect hostmap IP address. This fixes when an IP address mapping is put in the hostmap table for sticky NAT rules, it ends up having the wrong byte order. Obtained from: ipfilter CVS repo (r1.102), NetBSD CVS repo (r1.12) Modified: head/sys/contrib/ipfilter/netinet/ip_nat.c Modified: head/sys/contrib/ipfilter/netinet/ip_nat.c ============================================================================== --- head/sys/contrib/ipfilter/netinet/ip_nat.c Sun Oct 5 03:52:09 2014 (r272554) +++ head/sys/contrib/ipfilter/netinet/ip_nat.c Sun Oct 5 03:58:30 2014 (r272555) @@ -2946,10 +2946,11 @@ ipf_nat_newrdr(fin, nat, ni) */ if (np->in_flags & IPN_SPLIT) { in.s_addr = np->in_dnip; + inb.s_addr = htonl(in.s_addr); if ((np->in_flags & (IPN_ROUNDR|IPN_STICKY)) == IPN_STICKY) { hm = ipf_nat_hostmap(softn, NULL, fin->fin_src, - fin->fin_dst, in, (u_32_t)dport); + fin->fin_dst, inb, (u_32_t)dport); if (hm != NULL) { in.s_addr = hm->hm_ndstip.s_addr; move = 0; @@ -3050,13 +3051,14 @@ ipf_nat_newrdr(fin, nat, ni) return -1; } + inb.s_addr = htonl(in.s_addr); nat->nat_ndstaddr = htonl(in.s_addr); nat->nat_odstip = fin->fin_dst; nat->nat_nsrcip = fin->fin_src; nat->nat_osrcip = fin->fin_src; if ((nat->nat_hm == NULL) && ((np->in_flags & IPN_STICKY) != 0)) nat->nat_hm = ipf_nat_hostmap(softn, np, fin->fin_src, - fin->fin_dst, in, (u_32_t)dport); + fin->fin_dst, inb, (u_32_t)dport); if (flags & IPN_TCPUDP) { nat->nat_odport = dport;