diff options
| author |   Alexander Chernavin <achernavin@netgate.com> | 2020-03-12 08:42:12 -0400 |
|---|---|---|
| committer |   Ole Trøan <otroan@employees.org> | 2020-03-15 11:37:17 +0000 |
| commit | cd5a4a035c0c7a7ca9f915bee83abde085c05ad7 (patch) | |
| tree | 1977e2afab3b7891769d2ba177a84af1bc7c4eda /src/plugins/map/ip4_map_t.c | |
| parent | 1e844aa1cef347bb92a404a1d2f40d14ce646c26 (diff) | |
map: fix translation of icmp4 error messages
ICMP error messages are translated to ICMPv6 error messages with
erroneous destination address in the outer IPv6 header because sender
port is used instead of receiver port.
Both source and destination addresses in the inner IPv6 header are
translated erroneously because source and destination addresses of the
inner IPv4 header are getting zeroed during the translation.
With this commit, use receiver port for translation and save addresses
of the inner IPv4 header before translation of the inner header.
Type: fix
Change-Id: I1e93d54c1bbc154b401adcbb0fb661299655d01a
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Diffstat (limited to 'src/plugins/map/ip4_map_t.c')
| -rw-r--r-- | src/plugins/map/ip4_map_t.c | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/src/plugins/map/ip4_map_t.c b/src/plugins/map/ip4_map_t.c index 4c0dd629aa8..7d16d7aa455 100644 --- a/src/plugins/map/ip4_map_t.c +++ b/src/plugins/map/ip4_map_t.c @@ -92,14 +92,18 @@ ip4_to_ip6_set_inner_icmp_cb (vlib_buffer_t * b, ip4_header_t * ip4, ip6_header_t * ip6, void *arg) { icmp_to_icmp6_ctx_t *ctx = arg; + ip4_address_t old_src, old_dst; + + old_src.as_u32 = ip4->src_address.as_u32; + old_dst.as_u32 = ip4->dst_address.as_u32; //Note that the source address is within the domain //while the destination address is the one outside the domain - ip4_map_t_embedded_address (ctx->d, &ip6->dst_address, &ip4->dst_address); + ip4_map_t_embedded_address (ctx->d, &ip6->dst_address, &old_dst); ip6->src_address.as_u64[0] = - map_get_pfx_net (ctx->d, ip4->src_address.as_u32, ctx->recv_port); + map_get_pfx_net (ctx->d, old_src.as_u32, ctx->recv_port); ip6->src_address.as_u64[1] = - map_get_sfx_net (ctx->d, ip4->src_address.as_u32, ctx->recv_port); + map_get_sfx_net (ctx->d, old_src.as_u32, ctx->recv_port); return 0; } @@ -150,7 +154,7 @@ ip4_map_t_icmp (vlib_main_t * vm, vnet_buffer (p0)->map_t.map_domain_index); ip40 = vlib_buffer_get_current (p0); - ctx0.recv_port = ip4_get_port (ip40, 1); + ctx0.recv_port = ip4_get_port (ip40, 0); ctx0.d = d0; if (ctx0.recv_port == 0) { |