authormikeb <mikeb@openbsd.org>2013-10-30 11:21:26 +0000
committermikeb <mikeb@openbsd.org>2013-10-30 11:21:26 +0000
commit7da8ba2684e7207eb81a13af55e46101a77d8810 (patch)
treeb669940db551989d281e0e1e4ba726c1f7c88623 /sys
parentadd a comment describing why do we call pf_map_addr again if port (diff)
translate icmpv6 echo id's the same way we do for icmpv4; ok henning
Diffstat (limited to 'sys')
-rw-r--r--sys/net/pf.c14
-rw-r--r--sys/net/pf_lb.c4
2 files changed, 15 insertions, 3 deletions
diff --git a/sys/net/pf.c b/sys/net/pf.c
index c75ae4680dc..2ea1f75ae75 100644
--- a/sys/net/pf.c
+++ b/sys/net/pf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pf.c,v 1.855 2013/10/28 12:09:41 mikeb Exp $ */
+/* $OpenBSD: pf.c,v 1.856 2013/10/30 11:21:26 mikeb Exp $ */
/*
* Copyright (c) 2001 Daniel Hartmeier
@@ -3792,6 +3792,18 @@ pf_translate(struct pf_pdesc *pd, struct pf_addr *saddr, u_int16_t sport,
rewrite = 1;
}
}
+ if (virtual_type == htons(ICMP6_ECHO_REQUEST)) {
+ u_int16_t icmpid = (icmp_dir == PF_IN) ? sport : dport;
+
+ if (icmpid != pd->hdr.icmp6->icmp6_id) {
+ if (pd->csum_status == PF_CSUM_UNKNOWN)
+ pf_check_proto_cksum(pd, pd->off,
+ pd->tot_len - pd->off, pd->proto,
+ pd->af);
+ pd->hdr.icmp6->icmp6_id = icmpid;
+ rewrite = 1;
+ }
+ }
break;
#endif /* INET6 */
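Review bot: The result of `pf_check_proto_cksum()` is discarded right before `pd->hdr.icmp6->icmp6_id` is overwritten, so from this hunk alone a reader cannot tell whether an echo packet that arrived with a bad ICMPv6 checksum is still translated and then sent on with a freshly computed, valid one. If the call is made only for its side effect on `pd->csum_status` (presumably consulted later when the checksum is regenerated), a comment above it should say so, e.g. `/* record csum_status before the id changes so a broken checksum is not repaired on output */`. The body of pf_translate starts and ends outside the hunk, so the ICMPv4 branch this code mirrors cannot be compared here.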
diff --git a/sys/net/pf_lb.c b/sys/net/pf_lb.c
index b9312ecf7d2..1382307f85e 100644
--- a/sys/net/pf_lb.c
+++ b/sys/net/pf_lb.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pf_lb.c,v 1.29 2013/10/30 11:18:32 mikeb Exp $ */
+/* $OpenBSD: pf_lb.c,v 1.30 2013/10/30 11:21:26 mikeb Exp $ */
/*
* Copyright (c) 2001 Daniel Hartmeier
@@ -201,7 +201,7 @@ pf_get_sport(struct pf_pdesc *pd, struct pf_rule *r,
* similar 2 portloop in in_pcbbind
*/
if (!(pd->proto == IPPROTO_TCP || pd->proto == IPPROTO_UDP ||
- pd->proto == IPPROTO_ICMP)) {
+ pd->proto == IPPROTO_ICMP || pd->proto == IPPROTO_ICMPV6)) {
/* XXX bug: icmp states dont use the id on both
* XXX sides (traceroute -I through nat) */
key.port[1] = pd->nsport;
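Review bot: The added `pd->proto == IPPROTO_ICMPV6` test takes every ICMPv6 message type out of the branch shown here, while the pf.c side of this commit rewrites the id only when `virtual_type == htons(ICMP6_ECHO_REQUEST)`. If non-echo ICMPv6 is already turned away earlier in pf_get_sport, which begins outside this hunk, a short comment at the condition would make that dependency explicit, e.g. `/* icmp and icmp6 get here for echo only; the echo id is used as the port */`. The XXX note directly below still speaks only of icmp and `traceroute -I`, so it would help to state whether the same limitation applies to ICMPv6 echo.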