summaryrefslogtreecommitdiffstats
path: root/src/plugins/nat/out2in.c
diff options
context:
space:
mode:
authorDave Barach <dave@barachs.net>2019-11-03 11:29:29 -0500
committerOle Trøan <otroan@employees.org>2019-11-04 10:47:31 +0000
commit9654a37fac7fe2b425576eb0237b8d24ae44e1b1 (patch)
treef37f42c9ecfff65266135884fe5a43973045e86f /src/plugins/nat/out2in.c
parent983ebaa3ee58f93729ad96d6af24e93784ae43d8 (diff)
nat: fix dual-loop tcp checksum botch
Type: fix Fixes: 22921 Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I4fecce96d027c0ee1797d9d84cfab94b1ecdc02b
Diffstat (limited to 'src/plugins/nat/out2in.c')
-rwxr-xr-xsrc/plugins/nat/out2in.c26
1 files changed, 17 insertions, 9 deletions
diff --git a/src/plugins/nat/out2in.c b/src/plugins/nat/out2in.c
index 83c099d1bd2..9549a45c07e 100755
--- a/src/plugins/nat/out2in.c
+++ b/src/plugins/nat/out2in.c
@@ -893,9 +893,6 @@ VLIB_NODE_FN (snat_out2in_node) (vlib_main_t * vm,
dst_address /* changed member */ );
ip0->checksum = ip_csum_fold (sum0);
- old_port0 = udp0->dst_port;
- new_port0 = udp0->dst_port = s0->in2out.port;
-
if (PREDICT_TRUE (proto0 == SNAT_PROTOCOL_TCP))
{
old_port0 = tcp0->dst_port;
@@ -917,6 +914,9 @@ VLIB_NODE_FN (snat_out2in_node) (vlib_main_t * vm,
{
if (PREDICT_FALSE (udp0->checksum))
{
+ old_port0 = udp0->dst_port;
+ new_port0 = udp0->dst_port = s0->in2out.port;
+
sum0 = udp0->checksum;
sum0 = ip_csum_update (sum0, old_addr0, new_addr0,
ip4_header_t,
@@ -1070,11 +1070,12 @@ VLIB_NODE_FN (snat_out2in_node) (vlib_main_t * vm,
dst_address /* changed member */ );
ip1->checksum = ip_csum_fold (sum1);
- old_port1 = udp1->dst_port;
- new_port1 = udp1->dst_port = s1->in2out.port;
-
if (PREDICT_TRUE (proto1 == SNAT_PROTOCOL_TCP))
{
+ old_port1 = tcp1->dst_port;
+ tcp1->dst_port = s1->in2out.port;
+ new_port1 = tcp1->dst_port;
+
sum1 = tcp1->checksum;
sum1 = ip_csum_update (sum1, old_addr1, new_addr1,
ip4_header_t,
@@ -1090,6 +1091,9 @@ VLIB_NODE_FN (snat_out2in_node) (vlib_main_t * vm,
{
if (PREDICT_FALSE (udp1->checksum))
{
+ old_port1 = udp1->dst_port;
+ new_port1 = udp1->dst_port = s1->in2out.port;
+
sum1 = udp1->checksum;
sum1 = ip_csum_update (sum1, old_addr1, new_addr1,
ip4_header_t,
@@ -1280,11 +1284,12 @@ VLIB_NODE_FN (snat_out2in_node) (vlib_main_t * vm,
dst_address /* changed member */ );
ip0->checksum = ip_csum_fold (sum0);
- old_port0 = udp0->dst_port;
- new_port0 = udp0->dst_port = s0->in2out.port;
-
if (PREDICT_TRUE (proto0 == SNAT_PROTOCOL_TCP))
{
+ old_port0 = tcp0->dst_port;
+ tcp0->dst_port = s0->in2out.port;
+ new_port0 = tcp0->dst_port;
+
sum0 = tcp0->checksum;
sum0 = ip_csum_update (sum0, old_addr0, new_addr0,
ip4_header_t,
@@ -1300,6 +1305,9 @@ VLIB_NODE_FN (snat_out2in_node) (vlib_main_t * vm,
{
if (PREDICT_FALSE (udp0->checksum))
{
+ old_port0 = udp0->dst_port;
+ new_port0 = udp0->dst_port = s0->in2out.port;
+
sum0 = udp0->checksum;
sum0 = ip_csum_update (sum0, old_addr0, new_addr0,
ip4_header_t,