patch-2.4.23 linux-2.4.23/net/ipv4/netfilter/ip_conntrack_irc.c
Next file: linux-2.4.23/net/ipv4/netfilter/ip_conntrack_proto_generic.c
Previous file: linux-2.4.23/net/ipv4/netfilter/ip_conntrack_core.c
Back to the patch index
Back to the overall index
- Lines: 21
- Date:
2003-11-28 10:26:21.000000000 -0800
- Orig file:
linux-2.4.22/net/ipv4/netfilter/ip_conntrack_irc.c
- Orig date:
2003-08-25 04:44:44.000000000 -0700
diff -urN linux-2.4.22/net/ipv4/netfilter/ip_conntrack_irc.c linux-2.4.23/net/ipv4/netfilter/ip_conntrack_irc.c
@@ -192,7 +192,10 @@
DEBUGP("DCC bound ip/port: %u.%u.%u.%u:%u\n",
HIPQUAD(dcc_ip), dcc_port);
- if (ct->tuplehash[dir].tuple.src.ip != htonl(dcc_ip)) {
+ /* dcc_ip can be the internal OR external (NAT'ed) IP
+ * Tiago Sousa <mirage@kaotik.org> */
+ if (ct->tuplehash[dir].tuple.src.ip != htonl(dcc_ip)
+ && ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.ip != htonl(dcc_ip)) {
if (net_ratelimit())
printk(KERN_WARNING
"Forged DCC command from "
@@ -218,7 +221,7 @@
exp->tuple = ((struct ip_conntrack_tuple)
{ { 0, { 0 } },
- { htonl(dcc_ip), { .tcp = { htons(dcc_port) } },
+ { ct->tuplehash[dir].tuple.src.ip, { .tcp = { htons(dcc_port) } },
IPPROTO_TCP }});
exp->mask = ((struct ip_conntrack_tuple)
{ { 0, { 0 } },
FUNET's LINUX-ADM group, linux-adm@nic.funet.fi
TCL-scripts by Sam Shen (who was at: slshen@lbl.gov)