Currently matchoff and matchlen are 0, so IP mangling is performed in
the wrong place if NAT is used:
FTP_NAT: type 0, off 0 len 0
The resultant packet is clearly incorrect:
0x0000: 9410 3eb8 00ab 00e0 4c68 0012 0800 4510 ..>.....Lh....E.
0x0010: 0081 9ed9 4000 4006 cd35 646b 0370 646b ....@.@..5dk.pdk
0x0020: 0212 0015 87c5 8cc2 de50 aa28 4842 8018 .........P.(HB..
0x0030: 00e3 459d 0000 0101 080a e916 985e 2a3b ..E..........^*;
0x0040: b82d 3530 3020 2731 3030 2c31 3037 2c32 .-500.'100,107,2
0x0050: 2c31 382c 3134 392c 3739 504f 5254 2031 ,18,149,79PORT.1
0x0060: 3932 2c31 3638 2c32 3534 2c32 2c31 3439 92,168,254,2,149
0x0070: 2c37 3927 3a20 636f 6d6d 616e 6420 6e6f ,79':.command.no
0x0080: 7420 756e 6465 7273 746f 6f64 2e0d 0a t.understood...
Add the missing assignments.
Signed-off-by: Kevin Cernekee <cernekee@xxxxxxxxxxxx>
---
src/helpers/ftp.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/src/helpers/ftp.c b/src/helpers/ftp.c
index 24ee877..3da6e56 100644
--- a/src/helpers/ftp.c
+++ b/src/helpers/ftp.c
@@ -293,6 +293,9 @@ static int ftp_find_pattern(struct pkt_buff *pkt,
if (!numlen)
return 0;
+ *matchoff = i;
+ *matchlen = numlen;
+
pr_debug("Match succeded!\n");
return 1;
}
--
1.9.1
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
