This is BROKEN, completely untested piece of code!
It's main purpose is to pro-vo-cate actual snmp-alg author and/or maintainers
to fix that code right way.
I only did modifications that allow my lint .config build. If it (by
accident) will work with snmp-nat (!) - then I am lucky.
This is not patch on patch, but patch on actual code.
diff -Nru a/net/ipv4/netfilter/ip_nat_snmp_basic.c
b/net/ipv4/netfilter/ip_nat_snmp_basic.c
--- a/net/ipv4/netfilter/ip_nat_snmp_basic.c Mon Mar 11 17:36:09 2002
+++ b/net/ipv4/netfilter/ip_nat_snmp_basic.c Mon Mar 11 17:36:09 2002
@@ -1243,6 +1243,7 @@
* NAT helper function, packets arrive here from NAT code.
*/
static unsigned int nat_help(struct ip_conntrack *ct,
+ struct ip_conntrack_expect *exp,
struct ip_nat_info *info,
enum ip_conntrack_info ctinfo,
unsigned int hooknum,
@@ -1303,19 +1304,36 @@
return NF_DROP;
}
+static unsigned int
+snmp_nat_expected(struct sk_buff **pskb,
+ unsigned int hooknum,
+ struct ip_conntrack *ct,
+ struct ip_nat_info *info)
+{
+ return 1;
+}
+
static struct ip_nat_helper snmp = { { NULL, NULL },
{ { 0, { __constant_htons(SNMP_PORT) } },
{ 0, { 0 }, IPPROTO_UDP } },
{ { 0, { 0xFFFF } },
{ 0, { 0 }, 0xFFFF } },
- nat_help, "snmp" };
+ nat_help,
+ IP_NAT_HELPER_F_ALWAYS,
+ THIS_MODULE,
+ snmp_nat_expected,
+ "snmp" };
static struct ip_nat_helper snmp_trap = { { NULL, NULL },
{ { 0, { __constant_htons(SNMP_TRAP_PORT) } },
{ 0, { 0 }, IPPROTO_UDP } },
{ { 0, { 0xFFFF } },
{ 0, { 0 }, 0xFFFF } },
- nat_help, "snmp_trap" };
+ nat_help,
+ IP_NAT_HELPER_F_ALWAYS,
+ THIS_MODULE,
+ snmp_nat_expected,
+ "snmp_trap" };
/*****************************************************************************
*
--
Paul P 'Stingray' Komkoff 'Greatest' Jr // (icq)23200764 // (irc)Spacebar
PPKJ1-RIPE // (smtp)[EMAIL PROTECTED] // (http)stingr.net // (pgp)0xA4B4ECA4
