rdr-to with loopback destination should work even though

IP forwarding is disabled. Issue reported by Daniel Jakots (danj@)

OK bluhm@

2 files changed, 6 insertions, 4 deletions

diff --git a/sys/netinet/ip_input.c b/sys/netinet/ip_input.c
index 058b2f038fa..3866f8b06d1 100644
--- a/sys/netinet/ip_input.c
+++ b/sys/netinet/ip_input.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ip_input.c,v 1.346 2019/12/09 06:48:52 deraadt Exp $	*/
+/*	$OpenBSD: ip_input.c,v 1.347 2019/12/23 22:33:57 sashan Exp $	*/
 /*	$NetBSD: ip_input.c,v 1.30 1996/03/16 23:53:58 christos Exp $	*/
 
 /*
@@ -753,7 +753,8 @@ in_ouraddr(struct mbuf *m, struct ifnet *ifp, struct rtentry **prt)
 			}
 		}
 	} else if (ipforwarding == 0 && rt->rt_ifidx != ifp->if_index &&
-	    !((ifp->if_flags & IFF_LOOPBACK) || (ifp->if_type == IFT_ENC))) {
+	    !((ifp->if_flags & IFF_LOOPBACK) || (ifp->if_type == IFT_ENC) ||
+	    (m->m_pkthdr.pf.flags & PF_TAG_TRANSLATE_LOCALHOST))) {
 		/* received on wrong interface. */
 #if NCARP > 0
 		struct ifnet *out_if;
diff --git a/sys/netinet6/ip6_input.c b/sys/netinet6/ip6_input.c
index 5404d7ccfb4..25d267c00b1 100644
--- a/sys/netinet6/ip6_input.c
+++ b/sys/netinet6/ip6_input.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ip6_input.c,v 1.221 2019/12/08 11:08:22 sashan Exp $	*/
+/*	$OpenBSD: ip6_input.c,v 1.222 2019/12/23 22:33:57 sashan Exp $	*/
 /*	$KAME: ip6_input.c,v 1.188 2001/03/29 05:34:31 itojun Exp $	*/
 
 /*
@@ -435,7 +435,8 @@ ip6_input_if(struct mbuf **mp, int *offp, int nxt, int af, struct ifnet *ifp)
 
 		if (ip6_forwarding == 0 && rt->rt_ifidx != ifp->if_index &&
 		    !((ifp->if_flags & IFF_LOOPBACK) ||
-			(ifp->if_type == IFT_ENC))) {
+		    (ifp->if_type == IFT_ENC)) ||
+		    (m->m_pkthdr.pf.flags & PF_TAG_TRANSLATE_LOCALHOST)) {
 			/* received on wrong interface */
 #if NCARP > 0
 			struct ifnet *out_if;