diff options
author | Jorge Boncompte <jorge@dti2.net> | 2007-05-04 01:00:32 +0200 |
---|---|---|
committer | Adrian Bunk <bunk@stusta.de> | 2007-05-04 01:00:32 +0200 |
commit | c5807ace66d5085ed94608a7e9a084085ea57ede (patch) | |
tree | f5129ba423df42b1d0f9decec62bc340103e1abd /net | |
parent | 4879e0dfe9c9199e55566a6025a729854bb2a00e (diff) | |
download | linux-stable-c5807ace66d5085ed94608a7e9a084085ea57ede.tar.gz linux-stable-c5807ace66d5085ed94608a7e9a084085ea57ede.tar.bz2 linux-stable-c5807ace66d5085ed94608a7e9a084085ea57ede.zip |
[NETFILTER]: ip_nat_proto_gre: do not modify/corrupt GREv0 packets through NAT
While porting some changes of the 2.6.21-rc7 pptp/proto_gre conntrack
and nat modules to a 2.4.32 kernel I noticed that the gre_key function
returns a wrong pointer to the GRE key of a version 0 packet thus
corrupting the packet payload.
The intended behaviour for GREv0 packets is to act like
ip_conntrack_proto_generic/ip_nat_proto_unknown so I have ripped the
offending functions (not used anymore) and modified the
ip_nat_proto_gre modules to not touch version 0 (non PPTP) packets.
Signed-off-by: Jorge Boncompte <jorge@dti2.net>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Diffstat (limited to 'net')
-rw-r--r-- | net/ipv4/netfilter/ip_nat_proto_gre.c | 21 |
1 files changed, 8 insertions, 13 deletions
diff --git a/net/ipv4/netfilter/ip_nat_proto_gre.c b/net/ipv4/netfilter/ip_nat_proto_gre.c index 6c4899d8046a..fb4ec670f005 100644 --- a/net/ipv4/netfilter/ip_nat_proto_gre.c +++ b/net/ipv4/netfilter/ip_nat_proto_gre.c @@ -71,6 +71,11 @@ gre_unique_tuple(struct ip_conntrack_tuple *tuple, u_int16_t *keyptr; unsigned int min, i, range_size; + /* If there is no master conntrack we are not PPTP, + do not change tuples */ + if (!conntrack->master) + return 0; + if (maniptype == IP_NAT_MANIP_SRC) keyptr = &tuple->src.u.gre.key; else @@ -123,19 +128,9 @@ gre_manip_pkt(struct sk_buff **pskb, if (maniptype == IP_NAT_MANIP_DST) { /* key manipulation is always dest */ switch (greh->version) { - case 0: - if (!greh->key) { - DEBUGP("can't nat GRE w/o key\n"); - break; - } - if (greh->csum) { - /* FIXME: Never tested this code... */ - *(gre_csum(greh)) = - ip_nat_cheat_check(~*(gre_key(greh)), - tuple->dst.u.gre.key, - *(gre_csum(greh))); - } - *(gre_key(greh)) = tuple->dst.u.gre.key; + case GRE_VERSION_1701: + /* We do not currently NAT any GREv0 packets. + * Try to behave like "ip_nat_proto_unknown" */ break; case GRE_VERSION_PPTP: DEBUGP("call_id -> 0x%04x\n", |