svn commit: r312886 - head/sys/contrib/ipfilter/netinet
Cy Schubert
cy at FreeBSD.org
Fri Jan 27 14:12:36 UTC 2017
Author: cy
Date: Fri Jan 27 14:12:34 2017
New Revision: 312886
URL: https://svnweb.freebsd.org/changeset/base/312886
Log:
Fix lookup of original destination address when using a redirect rule.
Transparent proxying, e.g. to squid, is an example of this.
Obtained from: NetBSD ip_nat.c r1.17, ip_nat6.c r1.10
MFC after: 6 weeks
Modified:
head/sys/contrib/ipfilter/netinet/ip_nat.c
head/sys/contrib/ipfilter/netinet/ip_nat6.c
Modified: head/sys/contrib/ipfilter/netinet/ip_nat.c
==============================================================================
--- head/sys/contrib/ipfilter/netinet/ip_nat.c Fri Jan 27 11:59:02 2017 (r312885)
+++ head/sys/contrib/ipfilter/netinet/ip_nat.c Fri Jan 27 14:12:34 2017 (r312886)
@@ -4704,8 +4704,8 @@ ipf_nat_lookupredir(np)
}
}
- np->nl_realip = nat->nat_ndstip;
- np->nl_realport = nat->nat_ndport;
+ np->nl_realip = nat->nat_odstip;
+ np->nl_realport = nat->nat_odport;
}
}
Modified: head/sys/contrib/ipfilter/netinet/ip_nat6.c
==============================================================================
--- head/sys/contrib/ipfilter/netinet/ip_nat6.c Fri Jan 27 11:59:02 2017 (r312885)
+++ head/sys/contrib/ipfilter/netinet/ip_nat6.c Fri Jan 27 14:12:34 2017 (r312886)
@@ -2521,8 +2521,8 @@ ipf_nat6_lookupredir(np)
}
}
- np->nl_realip6 = nat->nat_ndst6.in6;
- np->nl_realport = nat->nat_ndport;
+ np->nl_realip6 = nat->nat_odst6.in6;
+ np->nl_realport = nat->nat_odport;
}
}
More information about the svn-src-head
mailing list