patch-2.4.27 linux-2.4.27/net/ipv4/netfilter/ip_nat_core.c

Next file: linux-2.4.27/net/ipv4/netfilter/ip_nat_rule.c
Previous file: linux-2.4.27/net/ipv4/netfilter/ip_fw_compat_masq.c
Back to the patch index
Back to the overall index

Lines: 22
Date: 2004-08-07 16:26:06.990442764 -0700
Orig file: linux-2.4.26/net/ipv4/netfilter/ip_nat_core.c
Orig date: 2004-02-18 05:36:32.000000000 -0800


diff -urN linux-2.4.26/net/ipv4/netfilter/ip_nat_core.c linux-2.4.27/net/ipv4/netfilter/ip_nat_core.c
@@ -520,6 +520,7 @@
 	MUST_BE_WRITE_LOCKED(&ip_nat_lock);
 	IP_NF_ASSERT(hooknum == NF_IP_PRE_ROUTING
 		     || hooknum == NF_IP_POST_ROUTING
+		     || hooknum == NF_IP_LOCAL_IN
 		     || hooknum == NF_IP_LOCAL_OUT);
 	IP_NF_ASSERT(info->num_manips < IP_NAT_MAX_MANIPS);
 	IP_NF_ASSERT(!(info->initialized & (1 << HOOK2MANIP(hooknum))));
@@ -882,9 +883,11 @@
 
 	IP_NF_ASSERT(skb->len >= iph->ihl*4 + sizeof(struct icmphdr));
 	/* Must be RELATED */
-	IP_NF_ASSERT(skb->nfct - (struct ip_conntrack *)skb->nfct->master
+	IP_NF_ASSERT(skb->nfct
+		     - ((struct ip_conntrack *)skb->nfct->master)->infos
 		     == IP_CT_RELATED
-		     || skb->nfct - (struct ip_conntrack *)skb->nfct->master
+		     || skb->nfct
+		     - ((struct ip_conntrack *)skb->nfct->master)->infos
 		     == IP_CT_RELATED+IP_CT_IS_REPLY);
 
 	/* Redirects on non-null nats must be dropped, else they'll

FUNET's LINUX-ADM group, linux-adm@nic.funet.fi

TCL-scripts by Sam Shen (who was at: slshen@lbl.gov)