diff options
| author | Kevin Cernekee <cernekee@chromium.org> | 2016-08-31 21:27:53 -0700 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2016-09-05 19:43:49 +0200 |
| commit | 74a418b21b22fa67ecacd8f738eb8e2d6e4f4be9 (patch) | |
| tree | c2f2782e37a56ea0a9ee8b72039fd0d20e37433d | |
| parent | 0cfe7ff7c170f89e3aa1ad1c729b07ab9ca39198 (diff) | |
conntrackd: cthelper: ftp: Set match offset/len for PORT mangling
Currently matchoff and matchlen are 0, so IP mangling is performed in
the wrong place if NAT is used:
FTP_NAT: type 0, off 0 len 0
The resultant packet is clearly incorrect:
0x0000: 9410 3eb8 00ab 00e0 4c68 0012 0800 4510 ..>.....Lh....E.
0x0010: 0081 9ed9 4000 4006 cd35 646b 0370 646b ....@.@..5dk.pdk
0x0020: 0212 0015 87c5 8cc2 de50 aa28 4842 8018 .........P.(HB..
0x0030: 00e3 459d 0000 0101 080a e916 985e 2a3b ..E..........^*;
0x0040: b82d 3530 3020 2731 3030 2c31 3037 2c32 .-500.'100,107,2
0x0050: 2c31 382c 3134 392c 3739 504f 5254 2031 ,18,149,79PORT.1
0x0060: 3932 2c31 3638 2c32 3534 2c32 2c31 3439 92,168,254,2,149
0x0070: 2c37 3927 3a20 636f 6d6d 616e 6420 6e6f ,79':.command.no
0x0080: 7420 756e 6465 7273 746f 6f64 2e0d 0a t.understood...
Add the missing assignments.
Signed-off-by: Kevin Cernekee <cernekee@chromium.org>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
| -rw-r--r-- | src/helpers/ftp.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/src/helpers/ftp.c b/src/helpers/ftp.c index 24ee877..3da6e56 100644 --- a/src/helpers/ftp.c +++ b/src/helpers/ftp.c @@ -293,6 +293,9 @@ static int ftp_find_pattern(struct pkt_buff *pkt, if (!numlen) return 0; + *matchoff = i; + *matchlen = numlen; + pr_debug("Match succeded!\n"); return 1; } |