Inicio Explorar Axuda
Iniciar sesión
GfA
/
linux_kernel
5
0
Fork 0
Ficheiros Incidencias 0 Pull Requests 0 Wiki
Explorar o código

[NETFILTER]: nf_nat_pptp: fix expectation removal

When removing the expectation for the opposite direction, the PPTP NAT
helper initializes the tuple for lookup with the addresses of the
opposite direction, which makes the lookup fail.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Patrick McHardy %!s(int64=19) %!d(string=hai) anos
pai
c72c6b2a29
achega
a46bf7d5a8
Modificáronse 1 ficheiros con 2 adicións e 2 borrados
Dividir vista Mostrar estatísticas de Diff
  1. 2 2
      net/ipv4/netfilter/nf_nat_pptp.c

+ 2 - 2
net/ipv4/netfilter/nf_nat_pptp.c
Ver ficheiro 

@@ -72,9 +72,9 @@ static void pptp_nat_expected(struct nf_conn *ct,
 
 		DEBUGP("we are PAC->PNS\n");
 
 		/* build tuple for PNS->PAC */
 
 		t.src.l3num = AF_INET;
 
-		t.src.u3.ip = master->tuplehash[exp->dir].tuple.src.u3.ip;
 
+		t.src.u3.ip = master->tuplehash[!exp->dir].tuple.src.u3.ip;
 
 		t.src.u.gre.key = nat_pptp_info->pns_call_id;
 
-		t.dst.u3.ip = master->tuplehash[exp->dir].tuple.dst.u3.ip;
 
+		t.dst.u3.ip = master->tuplehash[!exp->dir].tuple.dst.u3.ip;
 
 		t.dst.u.gre.key = nat_pptp_info->pac_call_id;
 
 		t.dst.protonum = IPPROTO_GRE;
 
 	}