--- linux-2.3.99-pre5/net/ipv4/netfilter/ipt_REDIRECT.c	Sat Apr 15 10:39:05 2000
+++ linux/net/ipv4/netfilter/ipt_REDIRECT.c	Sat Apr 15 13:23:32 2000
@@ -18,7 +18,8 @@
 #define DEBUGP(format, args...)
 #endif
 
-/* FIXME: Take multiple ranges --RR */
+/* FIXME: take more than one range??? */
+
 static int
 redirect_check(const char *tablename,
 	       const struct ipt_entry *e,
@@ -59,7 +60,7 @@
 	struct ip_conntrack *ct;
 	enum ip_conntrack_info ctinfo;
 	u_int32_t newdst;
-	const struct ip_nat_range *r = targinfo;
+	const struct ip_nat_multi_range *mr = targinfo;
 	struct ip_nat_multi_range newrange;
 
 	IP_NF_ASSERT(hooknum == NF_IP_PRE_ROUTING
@@ -76,12 +77,33 @@
 		newdst = (((struct in_device *)(*pskb)->dev->ip_ptr)
 			  ->ifa_list->ifa_local);
 
-	DEBUGP("redirect_target to 0x%08x\n", ntohs(newdst));
+	DEBUGP("redirect_target to 0x%08x, min=%d, max=%d, oldflags=%x\n",
+		ntohl(newdst),
+		(int) mr->range[0].min.tcp.port,
+		(int) mr->range[0].max.tcp.port,
+		mr->range[0].flags);
 	/* Transfer from original range. */
 	newrange = ((struct ip_nat_multi_range)
-		{ 1, { { r->flags | IP_NAT_RANGE_MAP_IPS,
+		{ 1, { { mr->range[0].flags | IP_NAT_RANGE_MAP_IPS,
 			 newdst, newdst,
-			 r->min, r->max } } });
+			 mr->range[0].min, mr->range[0].max } } });
+	/*
+	 * There seems to be a byte order SNAFU on the ports:
+	 *
+	 * The incoming ports here are in host byte order, but the tuple
+	 * that is created later seems to use the other byte order.
+	 * Reverse here to see whether things work... YUP, works now.
+	 *
+	 * Need to investigate the real culprit. Two debug messages below
+	 * they give me a "MAP_IPS PROTO_SPECIFIED..." message with the
+	 * wrong byte order (1293 instead of the 3333 I use for testing),
+	 * and two messages further "New: tuple ..." again shows the
+	 * correct byteorder - iff we do the following two lines.
+	 *
+	 * Rusty? Help!
+	 */
+	newrange.range[0].min.tcp.port = htons(mr->range[0].min.tcp.port);
+	newrange.range[0].max.tcp.port = htons(mr->range[0].max.tcp.port);
 
 	/* Hand modified range to generic setup. */
 	return ip_nat_setup_info(ct, &newrange, hooknum);