patch-2.4.8 linux/net/ipv4/netfilter/ip_nat_proto_tcp.c
Next file: linux/net/ipv4/tcp_minisocks.c
Previous file: linux/net/ipv4/netfilter/ip_conntrack_core.c
Back to the patch index
Back to the overall index
- Lines: 19
- Date:
Tue Aug 7 08:30:50 2001
- Orig file:
v2.4.7/linux/net/ipv4/netfilter/ip_nat_proto_tcp.c
- Orig date:
Fri Mar 17 10:56:20 2000
diff -u --recursive --new-file v2.4.7/linux/net/ipv4/netfilter/ip_nat_proto_tcp.c linux/net/ipv4/netfilter/ip_nat_proto_tcp.c
@@ -92,10 +92,17 @@
oldip = iph->daddr;
portptr = &hdr->dest;
}
- hdr->check = ip_nat_cheat_check(~oldip, manip->ip,
+
+ /* this could be a inner header returned in icmp packet; in such
+ cases we cannot update the checksum field since it is outside of
+ the 8 bytes of transport layer headers we are guaranteed */
+ if(((void *)&hdr->check + sizeof(hdr->check) - (void *)iph) <= len) {
+ hdr->check = ip_nat_cheat_check(~oldip, manip->ip,
ip_nat_cheat_check(*portptr ^ 0xFFFF,
manip->u.tcp.port,
hdr->check));
+ }
+
*portptr = manip->u.tcp.port;
}
FUNET's LINUX-ADM group, linux-adm@nic.funet.fi
TCL-scripts by Sam Shen (who was at: slshen@lbl.gov)