Commit e595a7f8 authored by Harald Welte's avatar Harald Welte Committed by Patrick McHardy

[NETFILTER]: Fix UDP checksum in ip_nat_mangle_udp_packet, remove skb->csum hacks

parent d302b497
......@@ -122,7 +122,6 @@ static void mangle_contents(struct sk_buff *skb,
/* fix IP hdr checksum information */
skb->nh.iph->tot_len = htons(skb->len);
ip_send_check(skb->nh.iph);
skb->csum = csum_partial(data, skb->len - dataoff, 0);
}
/* Unusual, but possible case. */
......@@ -167,6 +166,7 @@ ip_nat_mangle_tcp_packet(struct sk_buff **pskb,
{
struct iphdr *iph;
struct tcphdr *tcph;
int datalen;
if (!skb_ip_make_writable(pskb, (*pskb)->len))
return 0;
......@@ -184,11 +184,11 @@ ip_nat_mangle_tcp_packet(struct sk_buff **pskb,
mangle_contents(*pskb, iph->ihl*4 + tcph->doff*4,
match_offset, match_len, rep_buffer, rep_len);
datalen = (*pskb)->len - iph->ihl*4;
tcph->check = 0;
tcph->check = tcp_v4_check(tcph, (*pskb)->len - iph->ihl*4,
iph->saddr, iph->daddr,
csum_partial((char *)tcph, tcph->doff*4,
(*pskb)->csum));
tcph->check = tcp_v4_check(tcph, datalen, iph->saddr, iph->daddr,
csum_partial((char *)tcph, datalen, 0));
adjust_tcp_sequence(ntohl(tcph->seq),
(int)rep_len - (int)match_len,
ct, ctinfo);
......@@ -216,7 +216,6 @@ ip_nat_mangle_udp_packet(struct sk_buff **pskb,
{
struct iphdr *iph;
struct udphdr *udph;
int need_csum = ((*pskb)->csum != 0);
if (!skb_ip_make_writable(pskb, (*pskb)->len))
return 0;
......@@ -235,17 +234,15 @@ ip_nat_mangle_udp_packet(struct sk_buff **pskb,
udph->len = htons((*pskb)->len - iph->ihl*4);
/* fix udp checksum if udp checksum was previously calculated */
if (need_csum) {
if (udph->check) {
int datalen = (*pskb)->len - iph->ihl * 4;
udph->check = 0;
udph->check
= csum_tcpudp_magic(iph->saddr, iph->daddr,
(*pskb)->len - iph->ihl*4,
IPPROTO_UDP,
udph->check = csum_tcpudp_magic(iph->saddr, iph->daddr,
datalen, IPPROTO_UDP,
csum_partial((char *)udph,
sizeof(struct udphdr),
(*pskb)->csum));
} else
(*pskb)->csum = 0;
datalen, 0));
}
return 1;
}
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment