Hi,
On Tue, 2004-04-20 at 19:55, gueluy david wrote:
> NAT lookup seems broken. The 'nat_outlookup' function initializes
> source and dest port just if the protocol is specified and
> 'nat_lookupredir' always set protocol value as '0'.
Sure, I've had the same problems. Furthermore, the ABI is changed wrt
IP Filter 3.4, and the examples aren't updated yet. The attached patch
is a quick fix for the lookup problem, but it would definitely need some
more work...
--
Regards,
Krisztian KOVACS
--- ip_nat.c Mon Apr 26 16:59:20 2004
+++ /home/hidden/ip_nat.c Tue Apr 27 16:32:01 2004
@@ -3290,6 +3290,14 @@
else
dport = fin->fin_data[1];
break;
+ case 0:
+ /* nat_lookupredir() calls nat_outlookup with p=0, but we still need
+ sport and dport to find the entry... */
+ if (flags & IPN_TCPUDP) {
+ sport = htons(fin->fin_data[0]);
+ dport = htons(fin->fin_data[1]);
+ }
+ break;
default :
break;
}
