Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 7 Apr 2020 17:49:37 +0000 (UTC)
From:      Eugene Grosbein <eugen@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-12@freebsd.org
Subject:   svn commit: r359707 - in stable/12: share/man/man4 sys/netgraph
Message-ID:  <202004071749.037Hnb9R090519@repo.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: eugen
Date: Tue Apr  7 17:49:36 2020
New Revision: 359707
URL: https://svnweb.freebsd.org/changeset/base/359707

Log:
  MFC r357053 by markj: ng_nat: Pass IPv6 packets through.
  
  ng_nat implements NAT for IPv4 traffic only.  When connected to an
  ng_ether node it erroneously handled IPv6 packets as well.
  
  This change is not sufficient: ng_nat does not do any validation of IP
  packets in this mode, even though they have not yet passed through
  ip_input().
  
  PR:		243096
  Reported by:	Robert James Hernandez <rob@sarcasticadmin.com>
  Reviewed by:	julian
  Differential Revision:	https://reviews.freebsd.org/D23080

Modified:
  stable/12/share/man/man4/ng_nat.4
  stable/12/sys/netgraph/ng_nat.c
Directory Properties:
  stable/12/   (props changed)

Modified: stable/12/share/man/man4/ng_nat.4
==============================================================================
--- stable/12/share/man/man4/ng_nat.4	Tue Apr  7 17:18:22 2020	(r359706)
+++ stable/12/share/man/man4/ng_nat.4	Tue Apr  7 17:49:36 2020	(r359707)
@@ -35,7 +35,7 @@
 .Sh DESCRIPTION
 An
 .Nm
-node performs network address translation (NAT) of packets
+node performs network address translation (NAT) of IPv4 packets
 passing through it.
 A
 .Nm nat

Modified: stable/12/sys/netgraph/ng_nat.c
==============================================================================
--- stable/12/sys/netgraph/ng_nat.c	Tue Apr  7 17:18:22 2020	(r359706)
+++ stable/12/sys/netgraph/ng_nat.c	Tue Apr  7 17:49:36 2020	(r359707)
@@ -795,7 +795,6 @@ ng_nat_rcvdata(hook_p hook, item_p item )
 		eh = mtod(m, struct ether_header *);
 		switch (ntohs(eh->ether_type)) {
 		case ETHERTYPE_IP:
-		case ETHERTYPE_IPV6:
 			ipofs = sizeof(struct ether_header);
 			break;
 		default:



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202004071749.037Hnb9R090519>