# This is a BitKeeper generated patch for the following project:
# Project Name: Linux kernel tree
# This patch format is intended for GNU patch command version 2.5 or higher.
# This patch includes the following deltas:
#	           ChangeSet	1.1352  -> 1.1353 
#	net/ipv4/netfilter/ip_fw_compat_masq.c	1.11    -> 1.12   
#
# The following is the BitKeeper ChangeSet Log
# --------------------------------------------
# 03/12/03	ja@xxxxxx	1.1353
# [IPCHAINS]: masquerade must select maddr correctly
# 
# - It is fixed in Linux 2.2 from ages
# - Add missing WRITE_UNLOCK on route error
# --------------------------------------------
#
diff -Nru a/net/ipv4/netfilter/ip_fw_compat_masq.c b/net/ipv4/netfilter/ip_fw_compat_masq.c
--- a/net/ipv4/netfilter/ip_fw_compat_masq.c	Wed Dec  3 00:32:05 2003
+++ b/net/ipv4/netfilter/ip_fw_compat_masq.c	Wed Dec  3 00:32:05 2003
@@ -67,18 +67,23 @@
 	/* Setup the masquerade, if not already */
 	if (!info->initialized) {
 		u_int32_t newsrc;
-		struct flowi fl = { .nl_u = { .ip4_u = { .daddr = (*pskb)->nh.iph->daddr } } };
+		struct flowi fl = { .nl_u = {
+					.ip4_u = {
+						.daddr = (*pskb)->nh.iph->daddr,
+						.tos = RT_TOS((*pskb)->nh.iph->tos),
+					} },
+				    .oif = (*pskb)->dst->dev->ifindex };
 		struct rtable *rt;
 		struct ip_nat_multi_range range;
 
 		/* Pass 0 instead of saddr, since it's going to be changed
 		   anyway. */
 		if (ip_route_output_key(&rt, &fl) != 0) {
+			WRITE_UNLOCK(&ip_nat_lock);
 			DEBUGP("ipnat_rule_masquerade: Can't reroute.\n");
 			return NF_DROP;
 		}
-		newsrc = inet_select_addr(rt->u.dst.dev, rt->rt_gateway,
-					  RT_SCOPE_UNIVERSE);
+		newsrc = rt->rt_src;
 		ip_rt_put(rt);
 		range = ((struct ip_nat_multi_range)
 			 { 1,