Reply To: InternetGateway on Win10: DNS reply has invalid UDP cksum

Home Forums Discussions Support Portal InternetGateway on Win10: DNS reply has invalid UDP cksum Reply To: InternetGateway on Win10: DNS reply has invalid UDP cksum

#11037

Vadim Smirnov
Moderator

Yes, you are right, it is bug. You should add UDP checksum recalculation in two places:

//DNS hook
//If we receive DNS packet on the NAT client adapter then we redirect it 
//to this system configured DNS server
if((pDlg->m_DNSIp.S_un.S_addr != INADDR_ANY) && (pDlg->m_DNSIp.S_un.S_addr != INADDR_NONE))
{
    if ((hAdapters[dwIndex]->m_NATState == CLIENT)&&
    (PacketBuffer.m_dwDeviceFlags == PACKET_FLAG_ON_RECEIVE))
    {
        if (ntohs(pUdpHeader->th_dport) == 53/*DNS port*/)
        {
            // Save the DNS IP used by the NAT client system
            hAdapters[dwIndex]->m_LocalDNS.S_un.S_addr = ntohl(pIpHeader->ip_dst.S_un.S_addr);
            
            pIpHeader->ip_dst.S_un.S_addr = pDlg->m_DNSIp.S_un.S_addr;
        
            if(bForceRouting) 
            {
                bNeedToBeRouted = pDlg->IsNeedToForceRouting(pEthHeader->h_dest, pIpHeader->ip_dst.S_un.S_addr, pProviderCard->m_Index);
            }

            RecalculateUDPChecksum(&PacketBuffer);
            RecalculateIPChecksum (&PacketBuffer);
        }
    }

    // DNS reply came, substitute source IP back to the original DNS address
    if ((hAdapters[dwIndex]->m_NATState == CLIENT)&&
        (PacketBuffer.m_dwDeviceFlags == PACKET_FLAG_ON_SEND))
    {
        if (ntohs(pUdpHeader->th_sport) == 53/*DNS port*/)
        {
            pIpHeader->ip_src.S_un.S_addr = htonl(hAdapters[dwIndex]->m_LocalDNS.S_un.S_addr);
            RecalculateUDPChecksum(&PacketBuffer);
            RecalculateIPChecksum (&PacketBuffer);
        }
    }
}

Internet Gateway is a very old sample and I have a newer NAT library implementation (not available for public though) where surprisingly this bug was already fixed.