__be32 newsrc;
NF_CT_ASSERT(par->hooknum == NF_INET_POST_ROUTING);
-@@ -72,13 +72,28 @@ masquerade_tg(struct sk_buff *skb, const
+@@ -69,13 +69,27 @@ masquerade_tg(struct sk_buff *skb, const
return NF_ACCEPT;
mr = par->targinfo;
-- rt = skb->rtable;
+- rt = skb_rtable(skb);
- newsrc = inet_select_addr(par->out, rt->rt_gateway, RT_SCOPE_UNIVERSE);
- if (!newsrc) {
- printk("MASQUERADE: %s ate my IP address\n", par->out->name);
- return NF_DROP;
-+
+ {
+ struct flowi fl = { .nl_u = { .ip4_u =
-+ { .daddr = ip_hdr(skb)->daddr,
-+ .tos = (RT_TOS(ip_hdr(skb)->tos) |
-+ RTO_CONN),
-+ .gw = skb->rtable->rt_gateway,
-+ } },
-+ .mark = skb->mark,
-+ .oif = par->out->ifindex };
++ { .daddr = ip_hdr(skb)->daddr,
++ .tos = (RT_TOS(ip_hdr(skb)->tos) |
++ RTO_CONN),
++ .gw = skb->rtable->rt_gateway,
++ } },
++ .mark = skb->mark,
++ .oif = par->out->ifindex };
+ if (ip_route_output_key(dev_net(par->out), &rt, &fl) != 0) {
+ /* Funky routing can do this. */
+ if (net_ratelimit())
+ printk("MASQUERADE:"
-+ " No route: Rusty's brain broke!\n");
++ " No route: Rusty's brain broke!\n");
+ return NF_DROP;
+ }
}
+ newsrc = rt->rt_src;
+ ip_rt_put(rt);
+
- write_lock_bh(&masq_lock);
nat->masq_index = par->out->ifindex;
- write_unlock_bh(&masq_lock);
+
+ /* Transfer from original range. */
diff -urp v2.6.28/linux/net/ipv4/netfilter/nf_nat_core.c linux/net/ipv4/netfilter/nf_nat_core.c
--- v2.6.28/linux/net/ipv4/netfilter/nf_nat_core.c 2008-12-25 10:12:25.000000000 +0200
+++ linux/net/ipv4/netfilter/nf_nat_core.c 2009-02-06 09:43:23.000000000 +0200
projects / packages / kernel.git / blobdiff