ia64/xen-unstable

changeset 8802:6789ae50ce7f

The NAT checksum fixes in patches/linux-2.6.16-rc2/net-csum.patch do
not work when port numbers are modified (bug 447).
tcp_manip_pkt()/udp_manip_pkt() modify the protocol checksum to
reflect the changes to ip addresses and port numbers. When
dev_queue_xmit() finds a message with proto_csum_blank set, it
calculates a new tcp/udp checksum that includes both the modified port
numbers and the modified protocol checksum field... so the change to
the port numbers affects the protocol checksum twice.

This patch modifies net-csum.patch to remove the checksum mangling for
port numbers in tcp_manip_pkt()/udp_manip_pkt()

Signed-off-by: Jim Dykman <dykman@us.ibm.com>
author kaf24@firebug.cl.cam.ac.uk
date Thu Feb 09 00:22:38 2006 +0100 (2006-02-09)
parents 65127e18d821
children 99e7b8f9122e
files patches/linux-2.6.16-rc2/net-csum.patch
line diff
     1.1 --- a/patches/linux-2.6.16-rc2/net-csum.patch	Thu Feb 09 00:13:46 2006 +0100
     1.2 +++ b/patches/linux-2.6.16-rc2/net-csum.patch	Thu Feb 09 00:22:38 2006 +0100
     1.3 @@ -1,16 +1,14 @@
     1.4  diff -pruN ../pristine-linux-2.6.16-rc1-git4/net/ipv4/netfilter/ip_nat_proto_tcp.c ./net/ipv4/netfilter/ip_nat_proto_tcp.c
     1.5  --- ../pristine-linux-2.6.16-rc1-git4/net/ipv4/netfilter/ip_nat_proto_tcp.c	2006-02-02 17:39:51.000000000 +0000
     1.6  +++ ./net/ipv4/netfilter/ip_nat_proto_tcp.c	2006-02-02 17:44:18.000000000 +0000
     1.7 -@@ -129,10 +129,16 @@ tcp_manip_pkt(struct sk_buff **pskb,
     1.8 +@@ -129,10 +129,14 @@ tcp_manip_pkt(struct sk_buff **pskb,
     1.9   	if (hdrsize < sizeof(*hdr))
    1.10   		return 1;
    1.11   
    1.12  -	hdr->check = ip_nat_cheat_check(~oldip, newip,
    1.13  +	if ((*pskb)->proto_csum_blank) {
    1.14 -+		hdr->check = ip_nat_cheat_check(oldip, ~newip,
    1.15 -+				ip_nat_cheat_check(oldport ^ 0xFFFF,
    1.16 -+					newport, hdr->check));
    1.17 -+	} else { 
    1.18 ++		hdr->check = ip_nat_cheat_check(oldip, ~newip, hdr->check);
    1.19 ++	} else {
    1.20  +		hdr->check = ip_nat_cheat_check(~oldip, newip,
    1.21   					ip_nat_cheat_check(oldport ^ 0xFFFF,
    1.22   							   newport,
    1.23 @@ -18,22 +16,19 @@ diff -pruN ../pristine-linux-2.6.16-rc1-
    1.24  +	}
    1.25   	return 1;
    1.26   }
    1.27 - 
    1.28 +
    1.29  diff -pruN ../pristine-linux-2.6.16-rc1-git4/net/ipv4/netfilter/ip_nat_proto_udp.c ./net/ipv4/netfilter/ip_nat_proto_udp.c
    1.30  --- ../pristine-linux-2.6.16-rc1-git4/net/ipv4/netfilter/ip_nat_proto_udp.c	2006-02-02 17:39:51.000000000 +0000
    1.31  +++ ./net/ipv4/netfilter/ip_nat_proto_udp.c	2006-02-02 17:44:18.000000000 +0000
    1.32 -@@ -113,11 +113,19 @@ udp_manip_pkt(struct sk_buff **pskb,
    1.33 +@@ -113,11 +113,16 @@ udp_manip_pkt(struct sk_buff **pskb,
    1.34   		newport = tuple->dst.u.udp.port;
    1.35   		portptr = &hdr->dest;
    1.36   	}
    1.37  -	if (hdr->check) /* 0 is a special case meaning no checksum */
    1.38  -		hdr->check = ip_nat_cheat_check(~oldip, newip,
    1.39 -+	
    1.40  +	if (hdr->check) { /* 0 is a special case meaning no checksum */
    1.41  +		if ((*pskb)->proto_csum_blank) {
    1.42 -+			hdr->check = ip_nat_cheat_check(oldip, ~newip, 
    1.43 -+					ip_nat_cheat_check(*portptr ^ 0xFFFF, 
    1.44 -+						newport, hdr->check));
    1.45 ++			hdr->check = ip_nat_cheat_check(oldip, ~newip, hdr->check);
    1.46  +		} else {
    1.47  +			hdr->check = ip_nat_cheat_check(~oldip, newip,
    1.48   					ip_nat_cheat_check(*portptr ^ 0xFFFF,