Prev: [PATCH] remove mmu notifier calls in apply_to_page_range
Next: tproxy: nf_tproxy_assign_sock() can handle tw sockets
From: Eric Dumazet on 9 Jul 2010 14:00
Le vendredi 09 juillet 2010 à 19:37 +0200, Rodrigo Partearroyo González
a écrit :
> Hi all,
> I have been testing Stateless NAT and found that ICMP packets with length
> less than 20 bytes were not correctly NAT'ed. I have found a BUG that
> makes taking into account IP header length twice, so ICMP packets smaller
> than 20 bytes were being dropped.
>
> Proposed formal patch is below, as suggested by Eric Dumazet, thanks.
> It is taken from 2.6.34.1 stable version.
>
> Signed-off-by: Rodrigo Partearroyo González <rpartearroyo(a)albentia.com>

Acked-by: Eric Dumazet <eric.dumazet(a)gmail.com>

> ---
> diff -uprN a/net/sched/act_nat.c b/net/sched/act_nat.c
> --- a/net/sched/act_nat.c 2010-07-09 18:25:18.000000000 +0200
> +++ b/net/sched/act_nat.c 2010-07-09 18:26:16.000000000 +0200
> @@ -202,7 +202,7 @@ static int tcf_nat(struct sk_buff *skb,
> {
> struct icmphdr *icmph;
>
> - if (!pskb_may_pull(skb, ihl + sizeof(*icmph) + sizeof(*iph)))
> + if (!pskb_may_pull(skb, ihl + sizeof(*icmph)))
> goto drop;
>
> icmph = (void *)(skb_network_header(skb) + ihl);
> @@ -223,7 +223,7 @@ static int tcf_nat(struct sk_buff *skb,
>
> if (skb_cloned(skb) &&
> !skb_clone_writable(skb,
> - ihl + sizeof(*icmph) + sizeof(*iph)) &&
> + ihl + sizeof(*icmph)) &&
> pskb_expand_head(skb, 0, 0, GFP_ATOMIC))
> goto drop;
>




--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo(a)vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
 | 
Pages: 1
Prev: [PATCH] remove mmu notifier calls in apply_to_page_range
Next: tproxy: nf_tproxy_assign_sock() can handle tw sockets