[NETFILTER]: nf_nat_sip: only perform RTP DNAT if SIP session was SNATed

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

DNAT of the the RTP session is only necessary if the SIP session has
been SNATed.

Signed-off-by: Jerome Borsboom <j.borsboom@erasmusmc.nl>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>

authored by

Jerome Borsboom and committed by

David S. Miller 19 years ago f4a607bf 7c4e36bc

+5 -1

1 changed file

expand all

net

ipv4

netfilter

nf_nat_sip.c

+5 -1

net/ipv4/netfilter/nf_nat_sip.c

··· 260 260 DEBUGP("ip_nat_sdp():\n"); 261 261 262 262 /* Connection will come from reply */ 263 - newip = ct->tuplehash[!dir].tuple.dst.u3.ip; 263 + if (ct->tuplehash[dir].tuple.src.u3.ip == 264 + ct->tuplehash[!dir].tuple.dst.u3.ip) 265 + newip = exp->tuple.dst.u3.ip; 266 + else 267 + newip = ct->tuplehash[!dir].tuple.dst.u3.ip; 264 268 265 269 exp->saved_ip = exp->tuple.dst.u3.ip; 266 270 exp->tuple.dst.u3.ip = newip;