Author: markj Date: Thu Jan 23 16:45:48 2020 New Revision: 357053 URL: https://svnweb.freebsd.org/changeset/base/357053
Log: ng_nat: Pass IPv6 packets through. ng_nat implements NAT for IPv4 traffic only. When connected to an ng_ether node it erroneously handled IPv6 packets as well. This change is not sufficient: ng_nat does not do any validation of IP packets in this mode, even though they have not yet passed through ip_input(). PR: 243096 Reported by: Robert James Hernandez <r...@sarcasticadmin.com> Reviewed by: julian Differential Revision: https://reviews.freebsd.org/D23080 Modified: head/share/man/man4/ng_nat.4 head/sys/netgraph/ng_nat.c Modified: head/share/man/man4/ng_nat.4 ============================================================================== --- head/share/man/man4/ng_nat.4 Thu Jan 23 16:45:10 2020 (r357052) +++ head/share/man/man4/ng_nat.4 Thu Jan 23 16:45:48 2020 (r357053) @@ -35,7 +35,7 @@ .Sh DESCRIPTION An .Nm -node performs network address translation (NAT) of packets +node performs network address translation (NAT) of IPv4 packets passing through it. A .Nm nat Modified: head/sys/netgraph/ng_nat.c ============================================================================== --- head/sys/netgraph/ng_nat.c Thu Jan 23 16:45:10 2020 (r357052) +++ head/sys/netgraph/ng_nat.c Thu Jan 23 16:45:48 2020 (r357053) @@ -795,7 +795,6 @@ ng_nat_rcvdata(hook_p hook, item_p item ) eh = mtod(m, struct ether_header *); switch (ntohs(eh->ether_type)) { case ETHERTYPE_IP: - case ETHERTYPE_IPV6: ipofs = sizeof(struct ether_header); break; default: _______________________________________________ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
