Commit f4a607bf authored by Jerome Borsboom's avatar Jerome Borsboom Committed by David S. Miller
Browse files

[NETFILTER]: nf_nat_sip: only perform RTP DNAT if SIP session was SNATed



DNAT of the the RTP session is only necessary if the SIP session has
been SNATed.
Signed-off-by: default avatarJerome Borsboom <j.borsboom@erasmusmc.nl>
Signed-off-by: default avatarPatrick McHardy <kaber@trash.net>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent 7c4e36bc
......@@ -260,7 +260,11 @@ static unsigned int ip_nat_sdp(struct sk_buff **pskb,
DEBUGP("ip_nat_sdp():\n");
/* Connection will come from reply */
newip = ct->tuplehash[!dir].tuple.dst.u3.ip;
if (ct->tuplehash[dir].tuple.src.u3.ip ==
ct->tuplehash[!dir].tuple.dst.u3.ip)
newip = exp->tuple.dst.u3.ip;
else
newip = ct->tuplehash[!dir].tuple.dst.u3.ip;
exp->saved_ip = exp->tuple.dst.u3.ip;
exp->tuple.dst.u3.ip = newip;
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment