svn commit: r357053 - in head: share/man/man4 sys/netgraph

[Mark Johnston]

Author: markj
Date: Thu Jan 23 16:45:48 2020
New Revision: 357053
URL: https://svnweb.freebsd.org/changeset/base/357053

Log:
  ng_nat: Pass IPv6 packets through.
  
  ng_nat implements NAT for IPv4 traffic only.  When connected to an
  ng_ether node it erroneously handled IPv6 packets as well.
  
  This change is not sufficient: ng_nat does not do any validation of IP
  packets in this mode, even though they have not yet passed through
  ip_input().
  
  PR:		243096
  Reported by:	Robert James Hernandez <rob at sarcasticadmin.com>
  Reviewed by:	julian
  Differential Revision:	https://reviews.freebsd.org/D23080

Modified:
  head/share/man/man4/ng_nat.4
  head/sys/netgraph/ng_nat.c

Modified: head/share/man/man4/ng_nat.4
==============================================================================
--- head/share/man/man4/ng_nat.4	Thu Jan 23 16:45:10 2020	(r357052)
+++ head/share/man/man4/ng_nat.4	Thu Jan 23 16:45:48 2020	(r357053)
@@ -35,7 +35,7 @@
 .Sh DESCRIPTION
 An
 .Nm
-node performs network address translation (NAT) of packets
+node performs network address translation (NAT) of IPv4 packets
 passing through it.
 A
 .Nm nat

Modified: head/sys/netgraph/ng_nat.c
==============================================================================
--- head/sys/netgraph/ng_nat.c	Thu Jan 23 16:45:10 2020	(r357052)
+++ head/sys/netgraph/ng_nat.c	Thu Jan 23 16:45:48 2020	(r357053)
@@ -795,7 +795,6 @@ ng_nat_rcvdata(hook_p hook, item_p item )
 		eh = mtod(m, struct ether_header *);
 		switch (ntohs(eh->ether_type)) {
 		case ETHERTYPE_IP:
-		case ETHERTYPE_IPV6:
 			ipofs = sizeof(struct ether_header);
 			break;
 		default: