summaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
authorJorge Boncompte <jorge@dti2.net>2007-05-04 01:00:32 +0200
committerAdrian Bunk <bunk@stusta.de>2007-05-04 01:00:32 +0200
commitc5807ace66d5085ed94608a7e9a084085ea57ede (patch)
treef5129ba423df42b1d0f9decec62bc340103e1abd /net
parent4879e0dfe9c9199e55566a6025a729854bb2a00e (diff)
downloadlinux-stable-c5807ace66d5085ed94608a7e9a084085ea57ede.tar.gz
linux-stable-c5807ace66d5085ed94608a7e9a084085ea57ede.tar.bz2
linux-stable-c5807ace66d5085ed94608a7e9a084085ea57ede.zip
[NETFILTER]: ip_nat_proto_gre: do not modify/corrupt GREv0 packets through NAT
While porting some changes of the 2.6.21-rc7 pptp/proto_gre conntrack and nat modules to a 2.4.32 kernel I noticed that the gre_key function returns a wrong pointer to the GRE key of a version 0 packet thus corrupting the packet payload. The intended behaviour for GREv0 packets is to act like ip_conntrack_proto_generic/ip_nat_proto_unknown so I have ripped the offending functions (not used anymore) and modified the ip_nat_proto_gre modules to not touch version 0 (non PPTP) packets. Signed-off-by: Jorge Boncompte <jorge@dti2.net> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: Adrian Bunk <bunk@stusta.de>
Diffstat (limited to 'net')
-rw-r--r--net/ipv4/netfilter/ip_nat_proto_gre.c21
1 files changed, 8 insertions, 13 deletions
diff --git a/net/ipv4/netfilter/ip_nat_proto_gre.c b/net/ipv4/netfilter/ip_nat_proto_gre.c
index 6c4899d8046a..fb4ec670f005 100644
--- a/net/ipv4/netfilter/ip_nat_proto_gre.c
+++ b/net/ipv4/netfilter/ip_nat_proto_gre.c
@@ -71,6 +71,11 @@ gre_unique_tuple(struct ip_conntrack_tuple *tuple,
u_int16_t *keyptr;
unsigned int min, i, range_size;
+ /* If there is no master conntrack we are not PPTP,
+ do not change tuples */
+ if (!conntrack->master)
+ return 0;
+
if (maniptype == IP_NAT_MANIP_SRC)
keyptr = &tuple->src.u.gre.key;
else
@@ -123,19 +128,9 @@ gre_manip_pkt(struct sk_buff **pskb,
if (maniptype == IP_NAT_MANIP_DST) {
/* key manipulation is always dest */
switch (greh->version) {
- case 0:
- if (!greh->key) {
- DEBUGP("can't nat GRE w/o key\n");
- break;
- }
- if (greh->csum) {
- /* FIXME: Never tested this code... */
- *(gre_csum(greh)) =
- ip_nat_cheat_check(~*(gre_key(greh)),
- tuple->dst.u.gre.key,
- *(gre_csum(greh)));
- }
- *(gre_key(greh)) = tuple->dst.u.gre.key;
+ case GRE_VERSION_1701:
+ /* We do not currently NAT any GREv0 packets.
+ * Try to behave like "ip_nat_proto_unknown" */
break;
case GRE_VERSION_PPTP:
DEBUGP("call_id -> 0x%04x\n",