patch-2.4.23 linux-2.4.23/net/ipv4/netfilter/ip_nat_helper.c
Next file: linux-2.4.23/net/ipv4/netfilter/ip_nat_irc.c
Previous file: linux-2.4.23/net/ipv4/netfilter/ip_nat_core.c
Back to the patch index
Back to the overall index
- Lines: 54
- Date:
2003-11-28 10:26:21.000000000 -0800
- Orig file:
linux-2.4.22/net/ipv4/netfilter/ip_nat_helper.c
- Orig date:
2003-08-25 04:44:44.000000000 -0700
diff -urN linux-2.4.22/net/ipv4/netfilter/ip_nat_helper.c linux-2.4.23/net/ipv4/netfilter/ip_nat_helper.c
@@ -195,16 +195,11 @@
skb_trim(*skb, newlen);
}
- /* fix checksum information */
-
iph->tot_len = htons(newlen);
- (*skb)->csum = csum_partial((char *)tcph + tcph->doff*4,
- newtcplen - tcph->doff*4, 0);
-
+ /* fix checksum information */
tcph->check = 0;
tcph->check = tcp_v4_check(tcph, newtcplen, iph->saddr, iph->daddr,
- csum_partial((char *)tcph, tcph->doff*4,
- (*skb)->csum));
+ csum_partial((char *)tcph, newtcplen, 0));
ip_send_check(iph);
return 1;
@@ -238,6 +233,13 @@
newudplen = udplen - match_len + rep_len;
newlen = iph->ihl*4 + newudplen;
+ /* UDP helpers might accidentally mangle the wrong packet */
+ if (udplen < sizeof(*udph) + match_offset + match_len) {
+ if (net_ratelimit())
+ printk("ip_nat_mangle_udp_packet: undersized packet\n");
+ return 0;
+ }
+
if (newlen > 65535) {
if (net_ratelimit())
printk("ip_nat_mangle_udp_packet: nat'ed packet "
@@ -299,18 +301,12 @@
iph->tot_len = htons(newlen);
/* fix udp checksum if udp checksum was previously calculated */
- if ((*skb)->csum != 0) {
- (*skb)->csum = csum_partial((char *)udph +
- sizeof(struct udphdr),
- newudplen - sizeof(struct udphdr),
- 0);
-
+ if (udph->check != 0) {
udph->check = 0;
udph->check = csum_tcpudp_magic(iph->saddr, iph->daddr,
newudplen, IPPROTO_UDP,
csum_partial((char *)udph,
- sizeof(struct udphdr),
- (*skb)->csum));
+ newudplen, 0));
}
ip_send_check(iph);
FUNET's LINUX-ADM group, linux-adm@nic.funet.fi
TCL-scripts by Sam Shen (who was at: slshen@lbl.gov)