diff options
author | darrenr <darrenr@FreeBSD.org> | 2004-12-17 02:29:34 +0000 |
---|---|---|
committer | darrenr <darrenr@FreeBSD.org> | 2004-12-17 02:29:34 +0000 |
commit | bb353fef0fffa9414d8808468db970927ecf8ae3 (patch) | |
tree | 314b4e096449940da86d0d93f6eef78752c6dd89 /sys | |
parent | 60517f20121502ce4c054b2e35685a9bf1294d2f (diff) | |
download | FreeBSD-src-bb353fef0fffa9414d8808468db970927ecf8ae3.zip FreeBSD-src-bb353fef0fffa9414d8808468db970927ecf8ae3.tar.gz |
Allow ipnat redirect rules to work for non-TCP/UDP packets.
PR: 70038
Submitted by: fming@borderware.com
Reviewed by: darrenr
Obtained from: fming@borderware.com
Diffstat (limited to 'sys')
-rw-r--r-- | sys/contrib/ipfilter/netinet/ip_nat.c | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/sys/contrib/ipfilter/netinet/ip_nat.c b/sys/contrib/ipfilter/netinet/ip_nat.c index 49de89b..997b59d 100644 --- a/sys/contrib/ipfilter/netinet/ip_nat.c +++ b/sys/contrib/ipfilter/netinet/ip_nat.c @@ -132,7 +132,7 @@ u_long fr_defnatage = DEF_NAT_AGE, fr_defnaticmpage = 6; /* 3 seconds */ natstat_t nat_stats; int fr_nat_lock = 0; -#if (SOLARIS || defined(__sgi)) && defined(_KERNEL) +#ifdef USE_MUTEX extern kmutex_t ipf_rw; extern KRWLOCK_T ipf_nat; #endif @@ -2613,8 +2613,10 @@ maskloop: hv = NAT_HASH_FN(iph, 0, ipf_rdrrules_sz); for (np = rdr_rules[hv]; np; np = np->in_rnext) { if ((np->in_ifp && (np->in_ifp != ifp)) || - (np->in_p && (np->in_p != fin->fin_p)) || - (np->in_flags && !(nflags & np->in_flags))) + (np->in_p && (np->in_p != fin->fin_p))) + continue; + if ((np->in_flags & IPN_RF) && + !(nflags & np->in_flags)) continue; if (np->in_flags & IPN_FILTER) { if (!nat_match(fin, np, ip)) |