From: Patrick McHardy Date: Fri, 26 Jan 2007 09:07:30 +0000 (-0800) Subject: [NETFILTER]: nf_nat_pptp: fix expectation removal X-Git-Tag: v2.6.20-rc7~56^2~1 X-Git-Url: https://err.no/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a46bf7d5a81b350cd204b82bd25ee6ffbc2967d4;p=linux-2.6 [NETFILTER]: nf_nat_pptp: fix expectation removal When removing the expectation for the opposite direction, the PPTP NAT helper initializes the tuple for lookup with the addresses of the opposite direction, which makes the lookup fail. Signed-off-by: Patrick McHardy Signed-off-by: David S. Miller --- diff --git a/net/ipv4/netfilter/nf_nat_pptp.c b/net/ipv4/netfilter/nf_nat_pptp.c index 0ae45b79a4..5df4fcae3a 100644 --- a/net/ipv4/netfilter/nf_nat_pptp.c +++ b/net/ipv4/netfilter/nf_nat_pptp.c @@ -72,9 +72,9 @@ static void pptp_nat_expected(struct nf_conn *ct, DEBUGP("we are PAC->PNS\n"); /* build tuple for PNS->PAC */ t.src.l3num = AF_INET; - t.src.u3.ip = master->tuplehash[exp->dir].tuple.src.u3.ip; + t.src.u3.ip = master->tuplehash[!exp->dir].tuple.src.u3.ip; t.src.u.gre.key = nat_pptp_info->pns_call_id; - t.dst.u3.ip = master->tuplehash[exp->dir].tuple.dst.u3.ip; + t.dst.u3.ip = master->tuplehash[!exp->dir].tuple.dst.u3.ip; t.dst.u.gre.key = nat_pptp_info->pac_call_id; t.dst.protonum = IPPROTO_GRE; }