Track UDP connections

This will enable NAT to be performed on UDP packets that are sent in response to packets sent by the stack. This will also enable ICMP errors to be properly NAT-ed in response to UDP packets (#5916). Updates #5915. PiperOrigin-RevId: 398373251
author: Ghanan Gowripalan <ghanan@google.com> 2021-09-22 17:52:43 -0700
committer: gVisor bot <gvisor-bot@google.com> 2021-09-22 17:55:49 -0700
commit: d8772545113ff941d34a4eae5f43df3f39d3547f (patch)
tree: c0e692655feac0fdf33542031a0b829c1893c341 /pkg/tcpip/stack/iptables.go
parent: 440fc07f70203caf517c5cbc3dcc3e83b7de3f05 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/pkg/tcpip/stack/iptables.go b/pkg/tcpip/stack/iptables.go
index f152c0d83..3617b6dd0 100644
--- a/pkg/tcpip/stack/iptables.go
+++ b/pkg/tcpip/stack/iptables.go
@@ -482,11 +482,11 @@ func (it *IPTables) checkRule(hook Hook, pkt *PacketBuffer, table Table, ruleIdx
 
 // OriginalDst returns the original destination of redirected connections. It
 // returns an error if the connection doesn't exist or isn't redirected.
-func (it *IPTables) OriginalDst(epID TransportEndpointID, netProto tcpip.NetworkProtocolNumber) (tcpip.Address, uint16, tcpip.Error) {
+func (it *IPTables) OriginalDst(epID TransportEndpointID, netProto tcpip.NetworkProtocolNumber, transProto tcpip.TransportProtocolNumber) (tcpip.Address, uint16, tcpip.Error) {
 	it.mu.RLock()
 	defer it.mu.RUnlock()
 	if !it.modified {
 		return "", 0, &tcpip.ErrNotConnected{}
 	}
-	return it.connections.originalDst(epID, netProto)
+	return it.connections.originalDst(epID, netProto, transProto)
 }
author	Ghanan Gowripalan <ghanan@google.com>	2021-09-22 17:52:43 -0700
committer	gVisor bot <gvisor-bot@google.com>	2021-09-22 17:55:49 -0700
commit	d8772545113ff941d34a4eae5f43df3f39d3547f (patch)
tree	c0e692655feac0fdf33542031a0b829c1893c341 /pkg/tcpip/stack/iptables.go
parent	440fc07f70203caf517c5cbc3dcc3e83b7de3f05 (diff)