*** sn_packets.c.orig Fri Apr 18 16:33:58 1997 --- sn_packets.c Thu May 7 15:02:14 1998 *************** *** 43,48 **** --- 43,49 ---- struct UDP_header UDPhead; int i; + short int dummy; /* 2 bytes, important */ memcpy(&IPhead,(sp+PROTO_HEAD),sizeof(struct IP_header)); /* IP header Conversion */ *************** *** 51,56 **** --- 52,58 ---- unwrapped->TCP_len = 0; /* Reset structure NEEDED!!! */ unwrapped->UDP_len = 0; unwrapped->DATA_len = 0; + unwrapped->FRAG_nf = 0; if(NO_CHKSUM == 0) { *************** *** 75,106 **** --- 77,150 ---- /* restore orig buffer */ /* general programming rule */ } + + #ifdef DEBUG_ONSCREEN + printf("IPheadlen: %d total length: %d\n", unwrapped->IP_len, + ntohs(IPhead.length)); + #endif + + dummy=ntohs(IPhead.flag_offset); dummy<<=3; + if( dummy!=0 ) /* we have offset */ + { + unwrapped->FRAG_nf = 1; + } + if(IPhead.protocol == TCP ) /* TCP */ { + if(unwrapped->FRAG_nf == 0) + { + if( (ntohs(IPhead.length)-(unwrapped->IP_len))<20 ) + return CORRUPT_IP; + memcpy(&TCPhead,(sp+PROTO_HEAD+(unwrapped->IP_len)), sizeof(struct TCP_header)); unwrapped->TCP_len = ntohs(TCPhead.offset_flag) & 0xF000; unwrapped->TCP_len >>= 10; unwrapped->DATA_len = ntohs(IPhead.length) - (unwrapped->IP_len) - (unwrapped->TCP_len); + } + else + { + unwrapped->DATA_len = ntohs(IPhead.length) + - (unwrapped->IP_len); + } return TCP; } if(IPhead.protocol == ICMP ) /* ICMP */ { + if(unwrapped->FRAG_nf == 0) + { + if( (ntohs(IPhead.length)-(unwrapped->IP_len))<4 ) + return CORRUPT_IP; memcpy(&ICMPhead,(sp+PROTO_HEAD+(unwrapped->IP_len)), sizeof(struct ICMP_header)); unwrapped->ICMP_len = ICMP_HEADLENGTH; unwrapped->DATA_len = ntohs(IPhead.length) - (unwrapped->IP_len) - (unwrapped->ICMP_len); return ICMP; + } + else + { + return -1; /* don't handle fragmented ICMP */ + } } if(IPhead.protocol == UDP ) /* UDP */ { + if(unwrapped->FRAG_nf == 0) + { + if( (ntohs(IPhead.length)-(unwrapped->IP_len))<8 ) + return CORRUPT_IP; 
memcpy(&UDPhead,(sp+PROTO_HEAD+(unwrapped->IP_len)), sizeof(struct UDP_header)); unwrapped->UDP_len = UDP_HEADLENGTH; unwrapped->DATA_len = ntohs(IPhead.length) - (unwrapped->IP_len) - (unwrapped->UDP_len); + } + else + { + unwrapped->DATA_len = ntohs(IPhead.length) + - (unwrapped->IP_len); + } return UDP; } return -1;
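Review bot: The added minimum-length checks in the TCP, ICMP and UDP branches bound only the fixed header size, so in the TCP branch `TCP_len`, which is read from the segment's own data-offset field, can still be below 20 or exceed the bytes that remain, leaving `DATA_len` negative (or wrapped, if the field is unsigned). A guard right after the shift, `if (unwrapped->TCP_len < 20 || unwrapped->TCP_len > ntohs(IPhead.length) - unwrapped->IP_len) return CORRUPT_IP;`, would close that; the fragment `else` branches have a similar gap, since they subtract `IP_len` from the declared length with no check at all. The checks also trust the IP header's declared total length rather than the number of bytes actually captured in `sp`, and nothing visible in these hunks shows whether that is bounded before the `memcpy` calls run. Separately, the offset test `dummy<<=3` depends on implementation-defined narrowing into a signed `short` (and shifts a negative value when the top flag bit is set); `if ((ntohs(IPhead.flag_offset) & 0x1FFF) != 0)` tests the 13-bit fragment offset directly and makes the `dummy` declaration from the first hunk unnecessary. The enclosing function begins before the first hunk, so any earlier validation of `IP_len` is not visible here.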