bpf: nat: improve drop reason in snat_v6_rev_nat()

When we don't recognize the inner L4 protocol type of an ICMPV6_PKT_TOOBIG packet, return the appropriate drop reason. Signed-off-by: Julian Wiedmann <jwi@isovalent.com>
cilium · Mar 29, 2023 · c3907b9 · c3907b9
1 parent 83683fe
commit c3907b9
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/bpf/lib/nat.h b/bpf/lib/nat.h
@@ -1775,7 +1775,7 @@ snat_v6_rev_nat(struct __ctx_buff *ctx, const struct ipv6_nat_target *target)
 				tuple.dport = identifier;
 				break;
 			default:
-				return DROP_INVALID;
+				return DROP_UNKNOWN_L4;
 			}
 			state = snat_v6_lookup(&tuple);
 			if (!state)