ICMPv6 return traffic, which needs to be NAT modified, does
not get modified correctly, because the SKB have not been
made sufficiently "writable".
Make sure SKB is writable in ip_vs_nat_icmp_v6().
Note, the calling code path have handled this case for IPv4, but
not for IPv6. I have placed the change in ip_vs_nat_icmp_v6()
in-order to reduce the changes/impact of that path.
Signed-off-by: Jesper Dangaard Brouer <brouer@xxxxxxxxxx>
---
net/netfilter/ipvs/ip_vs_core.c | 6 ++++++
1 files changed, 6 insertions(+), 0 deletions(-)
diff --git a/net/netfilter/ipvs/ip_vs_core.c b/net/netfilter/ipvs/ip_vs_core.c
index ebd105c..fd50f47 100644
--- a/net/netfilter/ipvs/ip_vs_core.c
+++ b/net/netfilter/ipvs/ip_vs_core.c
@@ -737,6 +737,12 @@ void ip_vs_nat_icmp_v6(struct sk_buff *skb, struct ip_vs_protocol *pp,
icmp_offset);
struct ipv6hdr *ciph = (struct ipv6hdr *)(icmph + 1);
+ /* Make sure SKB is writable */
+ unsigned int write;
+ write = icmp_offset + sizeof(struct icmp6hdr) + sizeof(struct ipv6hdr);
+ if (!skb_make_writable(skb, write + 2 * sizeof(__u16)))
+ return;
+
if (inout) {
iph->saddr = cp->vaddr.in6;
ciph->daddr = cp->vaddr.in6;
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
