diff options
author | glebius <glebius@FreeBSD.org> | 2005-05-10 14:19:10 +0000 |
---|---|---|
committer | glebius <glebius@FreeBSD.org> | 2005-05-10 14:19:10 +0000 |
commit | 0703a0423457df2d6faca51f4d4a00226b1ad7c5 (patch) | |
tree | 34548e3a51cd9a77b52decd8f6191d110b6e6df8 /sys/netgraph/ng_nat.c | |
parent | 49e445d4c11983302ec8c9e3ad183ae29dd8be84 (diff) | |
download | FreeBSD-src-0703a0423457df2d6faca51f4d4a00226b1ad7c5.zip FreeBSD-src-0703a0423457df2d6faca51f4d4a00226b1ad7c5.tar.gz |
- Assert that mbuf length equals packet length.
- Tell libalias, that we have MCLBYTES to play with.
- Obtain length of data in mbuf from updated IP header.
Diffstat (limited to 'sys/netgraph/ng_nat.c')
-rw-r--r-- | sys/netgraph/ng_nat.c | 15 |
1 files changed, 10 insertions, 5 deletions
diff --git a/sys/netgraph/ng_nat.c b/sys/netgraph/ng_nat.c index b353e2e..e90e1f1 100644 --- a/sys/netgraph/ng_nat.c +++ b/sys/netgraph/ng_nat.c @@ -204,7 +204,7 @@ ng_nat_rcvdata(hook_p hook, item_p item ) { const priv_p priv = NG_NODE_PRIVATE(NG_HOOK_NODE(hook)); struct mbuf *m; - int plen; + struct ip *ip; int rval, error = 0; char *c; @@ -221,26 +221,31 @@ ng_nat_rcvdata(hook_p hook, item_p item ) return (ENOBUFS); } - plen = m->m_pkthdr.len; - NGI_M(item) = m; + KASSERT(m->m_pkthdr.len == ntohs(ip->ip_len), + ("ng_nat: ip_len != m_pkthdr.len")); + c = mtod(m, char *); + ip = mtod(m, struct ip *); + if (hook == priv->in) { - rval = LibAliasIn(priv->lib, c, plen); + rval = LibAliasIn(priv->lib, c, MCLBYTES); if (rval != PKT_ALIAS_OK) { printf("in %u\n", rval); NG_FREE_ITEM(item); return (EINVAL); } + m->m_pkthdr.len = m->m_len = ntohs(ip->ip_len); NG_FWD_ITEM_HOOK(error, item, priv->out); } else if (hook == priv->out) { - rval = LibAliasOut(priv->lib, c, plen); + rval = LibAliasOut(priv->lib, c, MCLBYTES); if (rval != PKT_ALIAS_OK) { printf("out %u\n", rval); NG_FREE_ITEM(item); return (EINVAL); } + m->m_pkthdr.len = m->m_len = ntohs(ip->ip_len); NG_FWD_ITEM_HOOK(error, item, priv->in); } else panic("ng_nat: unknown hook!\n"); |