diff options
author | Dave Barach <dave@barachs.net> | 2019-11-03 11:29:29 -0500 |
---|---|---|
committer | Ole Trøan <otroan@employees.org> | 2019-11-04 10:47:31 +0000 |
commit | 9654a37fac7fe2b425576eb0237b8d24ae44e1b1 (patch) | |
tree | f37f42c9ecfff65266135884fe5a43973045e86f /src/plugins/nat/out2in.c | |
parent | 983ebaa3ee58f93729ad96d6af24e93784ae43d8 (diff) |
nat: fix dual-loop tcp checksum botch
Type: fix
Fixes: 22921
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I4fecce96d027c0ee1797d9d84cfab94b1ecdc02b
Diffstat (limited to 'src/plugins/nat/out2in.c')
-rwxr-xr-x | src/plugins/nat/out2in.c | 26 |
1 files changed, 17 insertions, 9 deletions
diff --git a/src/plugins/nat/out2in.c b/src/plugins/nat/out2in.c index 83c099d1bd2..9549a45c07e 100755 --- a/src/plugins/nat/out2in.c +++ b/src/plugins/nat/out2in.c @@ -893,9 +893,6 @@ VLIB_NODE_FN (snat_out2in_node) (vlib_main_t * vm, dst_address /* changed member */ ); ip0->checksum = ip_csum_fold (sum0); - old_port0 = udp0->dst_port; - new_port0 = udp0->dst_port = s0->in2out.port; - if (PREDICT_TRUE (proto0 == SNAT_PROTOCOL_TCP)) { old_port0 = tcp0->dst_port; @@ -917,6 +914,9 @@ VLIB_NODE_FN (snat_out2in_node) (vlib_main_t * vm, { if (PREDICT_FALSE (udp0->checksum)) { + old_port0 = udp0->dst_port; + new_port0 = udp0->dst_port = s0->in2out.port; + sum0 = udp0->checksum; sum0 = ip_csum_update (sum0, old_addr0, new_addr0, ip4_header_t, @@ -1070,11 +1070,12 @@ VLIB_NODE_FN (snat_out2in_node) (vlib_main_t * vm, dst_address /* changed member */ ); ip1->checksum = ip_csum_fold (sum1); - old_port1 = udp1->dst_port; - new_port1 = udp1->dst_port = s1->in2out.port; - if (PREDICT_TRUE (proto1 == SNAT_PROTOCOL_TCP)) { + old_port1 = tcp1->dst_port; + tcp1->dst_port = s1->in2out.port; + new_port1 = tcp1->dst_port; + sum1 = tcp1->checksum; sum1 = ip_csum_update (sum1, old_addr1, new_addr1, ip4_header_t, @@ -1090,6 +1091,9 @@ VLIB_NODE_FN (snat_out2in_node) (vlib_main_t * vm, { if (PREDICT_FALSE (udp1->checksum)) { + old_port1 = udp1->dst_port; + new_port1 = udp1->dst_port = s1->in2out.port; + sum1 = udp1->checksum; sum1 = ip_csum_update (sum1, old_addr1, new_addr1, ip4_header_t, @@ -1280,11 +1284,12 @@ VLIB_NODE_FN (snat_out2in_node) (vlib_main_t * vm, dst_address /* changed member */ ); ip0->checksum = ip_csum_fold (sum0); - old_port0 = udp0->dst_port; - new_port0 = udp0->dst_port = s0->in2out.port; - if (PREDICT_TRUE (proto0 == SNAT_PROTOCOL_TCP)) { + old_port0 = tcp0->dst_port; + tcp0->dst_port = s0->in2out.port; + new_port0 = tcp0->dst_port; + sum0 = tcp0->checksum; sum0 = ip_csum_update (sum0, old_addr0, new_addr0, ip4_header_t, @@ -1300,6 +1305,9 @@ VLIB_NODE_FN (snat_out2in_node) (vlib_main_t * vm, { if (PREDICT_FALSE (udp0->checksum)) { + old_port0 = udp0->dst_port; + new_port0 = udp0->dst_port = s0->in2out.port; + sum0 = udp0->checksum; sum0 = ip_csum_update (sum0, old_addr0, new_addr0, ip4_header_t, |