Reply To: InternetGateway on Win10: DNS reply has invalid UDP cksum


#11037
Vadim Smirnov
Keymaster

    Yes, you are right, it is a bug. You should add UDP checksum recalculation in two places:

    //DNS hook
    //If we receive DNS packet on the NAT client adapter then we redirect it 
    //to this system configured DNS server
    if((pDlg->m_DNSIp.S_un.S_addr != INADDR_ANY) && (pDlg->m_DNSIp.S_un.S_addr != INADDR_NONE))
    {
        if ((hAdapters[dwIndex]->m_NATState == CLIENT)&&
            (PacketBuffer.m_dwDeviceFlags == PACKET_FLAG_ON_RECEIVE))
        {
            if (ntohs(pUdpHeader->th_dport) == 53/*DNS port*/)
            {
                // Save the DNS IP used by the NAT client system
                hAdapters[dwIndex]->m_LocalDNS.S_un.S_addr = ntohl(pIpHeader->ip_dst.S_un.S_addr);
                
                pIpHeader->ip_dst.S_un.S_addr = pDlg->m_DNSIp.S_un.S_addr;
            
                if(bForceRouting) 
                {
                    bNeedToBeRouted = pDlg->IsNeedToForceRouting(pEthHeader->h_dest, pIpHeader->ip_dst.S_un.S_addr, pProviderCard->m_Index);
                }
    
                RecalculateUDPChecksum(&PacketBuffer);
                RecalculateIPChecksum (&PacketBuffer);
            }
        }
    
        // DNS reply came, substitute source IP back to the original DNS address
        if ((hAdapters[dwIndex]->m_NATState == CLIENT)&&
            (PacketBuffer.m_dwDeviceFlags == PACKET_FLAG_ON_SEND))
        {
            if (ntohs(pUdpHeader->th_sport) == 53/*DNS port*/)
            {
                pIpHeader->ip_src.S_un.S_addr = htonl(hAdapters[dwIndex]->m_LocalDNS.S_un.S_addr);
                RecalculateUDPChecksum(&PacketBuffer);
                RecalculateIPChecksum (&PacketBuffer);
            }
        }
    }

    Internet Gateway is a very old sample and I have a newer NAT library implementation (not available to the public, though) where surprisingly this bug was already fixed.
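
Why the address rewrite in the post above needs a UDP checksum recalculation: the UDP checksum covers an IPv4 pseudo-header that includes the source and destination addresses, so changing either one invalidates it. The C below is an added example, not code from the post or from the Internet Gateway sample; the function names, addresses and packet bytes are constructed for illustration, and it assumes a datagram of at least 8 bytes.

```c
#include <stddef.h>
#include <stdint.h>

/* One's-complement sum of big-endian 16-bit words (odd trailing byte zero-padded). */
static uint32_t sum16(const uint8_t *p, size_t len, uint32_t acc) {
    for (; len > 1; p += 2, len -= 2) acc += (uint32_t)(p[0] << 8 | p[1]);
    if (len) acc += (uint32_t)p[0] << 8;
    return acc;
}

static uint16_t fold(uint32_t acc) {
    while (acc >> 16) acc = (acc & 0xffff) + (acc >> 16);
    return (uint16_t)acc;
}

/* IPv4 pseudo-header: source, destination, zero, protocol 17, UDP length. */
static uint32_t pseudo_sum(const uint8_t src[4], const uint8_t dst[4], size_t n) {
    return sum16(dst, 4, sum16(src, 4, 0)) + 17 + (uint32_t)n;
}

/* Sender side: value to store in bytes 6-7 of the UDP header. */
uint16_t udp_checksum(const uint8_t src[4], const uint8_t dst[4], const uint8_t *udp, size_t n) {
    uint32_t acc = sum16(udp, 6, pseudo_sum(src, dst, n));     /* ports, length */
    uint16_t c = (uint16_t)~fold(sum16(udp + 8, n - 8, acc));  /* payload */
    return c ? c : 0xffff;  /* 0 on the wire means "no checksum" */
}

/* Receiver side: the sum over everything, checksum field included, must be 0xffff. */
int udp_verify(const uint8_t src[4], const uint8_t dst[4], const uint8_t *udp, size_t n) {
    return fold(sum16(udp, n, pseudo_sum(src, dst, n))) == 0xffff;
}

/* Returns 1 when the datagram verifies before the rewrite, fails once only the
 * IP destination has changed, and verifies again after recalculation. */
int nat_rewrite_demo(void) {
    /* Constructed sample: sport 50000, dport 53, length 13, 5 payload bytes. */
    uint8_t pkt[13] = {0xC3,0x50, 0x00,0x35, 0x00,0x0D, 0,0, 'q','u','e','r','y'};
    const uint8_t client[4] = {192,168,137,2}, old_dns[4] = {192,168,137,1};
    const uint8_t new_dns[4] = {10,0,0,53};  /* all three addresses are constructed */
    uint16_t c = udp_checksum(client, old_dns, pkt, sizeof pkt);
    pkt[6] = (uint8_t)(c >> 8); pkt[7] = (uint8_t)c;
    int before = udp_verify(client, old_dns, pkt, sizeof pkt);
    int stale = !udp_verify(client, new_dns, pkt, sizeof pkt);  /* IP rewritten only */
    c = udp_checksum(client, new_dns, pkt, sizeof pkt);
    pkt[6] = (uint8_t)(c >> 8); pkt[7] = (uint8_t)c;
    return before && stale && udp_verify(client, new_dns, pkt, sizeof pkt);
}

int main(void) { return nat_rewrite_demo() ? 0 : 1; }
```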