From ba88b262c38669d8a3bdcaabe6684fd192d2540e Mon Sep 17 00:00:00 2001
From: cy <cy@FreeBSD.org>
Date: Sun, 12 Oct 2014 16:51:02 +0000
Subject: MFC r271972

Fix ipfilter bug #536 ipnat can try to print rule as dstlist incorrectly.

Obtained from:	ipfilter CVS repo (r1.14), netbsd CVS repo (r1.3)
---
 contrib/ipfilter/lib/printnat.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/contrib/ipfilter/lib/printnat.c b/contrib/ipfilter/lib/printnat.c
index 37a7e12..a94d4ee 100644
--- a/contrib/ipfilter/lib/printnat.c
+++ b/contrib/ipfilter/lib/printnat.c
@@ -153,7 +153,8 @@ printnat(np, opts)
 
 	} else if (np->in_redir & NAT_REWRITE) {
 		PRINTF(" -> src ");
-		if (np->in_nsrc.na_type == IPLT_DSTLIST) {
+		if (np->in_nsrc.na_atype == FRI_LOOKUP &&
+		    np->in_nsrc.na_type == IPLT_DSTLIST) {
 			PRINTF("dstlist/");
 			if (np->in_nsrc.na_subtype == 0)
 				PRINTF("%d", np->in_nsrc.na_num);
@@ -174,7 +175,8 @@ printnat(np, opts)
 			}
 		}
 		PRINTF(" dst ");
-		if (np->in_ndst.na_type == IPLT_DSTLIST) {
+		if (np->in_ndst.na_atype == FRI_LOOKUP &&
+		    np->in_ndst.na_type == IPLT_DSTLIST) {
 			PRINTF("dstlist/");
 			if (np->in_ndst.na_subtype == 0)
 				PRINTF("%d", np->in_nsrc.na_num);
-- 
cgit v1.1