Author: cy
Date: Fri Jan 27 14:12:34 2017
New Revision: 312886
URL: https://svnweb.freebsd.org/changeset/base/312886
Log:
Fix lookup of original destination address when using a redirect rule.
Transparent proxying, e.g. to squid, is an example of this.
Obtained from: NetBSD ip_nat.c r1.17, ip_nat6.c r1.10
MFC after: 6 weeks
Modified:
head/sys/contrib/ipfilter/netinet/ip_nat.c
head/sys/contrib/ipfilter/netinet/ip_nat6.c
Modified: head/sys/contrib/ipfilter/netinet/ip_nat.c
==============================================================================
--- head/sys/contrib/ipfilter/netinet/ip_nat.c Fri Jan 27 11:59:02 2017
(r312885)
+++ head/sys/contrib/ipfilter/netinet/ip_nat.c Fri Jan 27 14:12:34 2017
(r312886)
@@ -4704,8 +4704,8 @@ ipf_nat_lookupredir(np)
}
}
- np->nl_realip = nat->nat_ndstip;
- np->nl_realport = nat->nat_ndport;
+ np->nl_realip = nat->nat_odstip;
+ np->nl_realport = nat->nat_odport;
}
}
Modified: head/sys/contrib/ipfilter/netinet/ip_nat6.c
==============================================================================
--- head/sys/contrib/ipfilter/netinet/ip_nat6.c Fri Jan 27 11:59:02 2017
(r312885)
+++ head/sys/contrib/ipfilter/netinet/ip_nat6.c Fri Jan 27 14:12:34 2017
(r312886)
@@ -2521,8 +2521,8 @@ ipf_nat6_lookupredir(np)
}
}
- np->nl_realip6 = nat->nat_ndst6.in6;
- np->nl_realport = nat->nat_ndport;
+ np->nl_realip6 = nat->nat_odst6.in6;
+ np->nl_realport = nat->nat_odport;
}
}
_______________________________________________
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
