Sometimes natted icmp errors contain an invalid checksum.
This behaviour happens when :
. the icmp message contains an embbeded udp packet
. the value of the udp checksum is 0 (optional)
The fix of the icmp checksum to compensate the udp
port adjustement seems not valid.
I join a patch below.
*** ip_nat.c Sat Apr 1 12:15:34 2006
--- ip_nat.c Tue May 2 10:32:42 2006
***************
*** 2887,2894 ****
--- 2887,2895 ----
if ((dlen >= 8) && (*csump != 0)) {
fix_datacksum(csump, sumd);
} else {
+ sumd = sum2 - sum1;
sumd2 += sumd;
}
}
--
David Gueluy
[EMAIL PROTECTED]
Netasq _ Secure Internet Connectivity
http://www.netasq.com
