--- squid-2.5.STABLE7/src/client_side.c.orig	Wed Oct  6 01:34:42 2004
+++ squid-2.5.STABLE7/src/client_side.c	Thu Jan 13 16:04:41 2005
@@ -2717,8 +2717,13 @@
 	    int vport;
 	    char *q;
 	    const char *protocol_name = "http";
-	    if (vport_mode)
-		vport = (int) ntohs(http->conn->me.sin_port);
+	    if (vport_mode) {
+#if LINUX_NETFILTER
+		/* If the call fails the address structure will be unchanged */
+		getsockopt(conn->fd, SOL_IP, SO_ORIGINAL_DST, &conn->me, &sock_sz);
+#endif
+		vport = (int) ntohs(conn->me.sin_port);
+	    }
 	    else
 		vport = (int) Config.Accel.port;
 	    /* If a Host: header was specified, use it to build the URL 
@@ -2741,9 +2746,9 @@
 	    http->uri = xcalloc(url_sz, 1);
 
 #if SSL_FORWARDING_NOT_YET_DONE
-	    if (Config.Sockaddr.https->s.sin_port == http->conn->me.sin_port) {
+	    if (Config.Sockaddr.https->s.sin_port == conn->me.sin_port) {
 		protocol_name = "https";
-		vport = ntohs(http->conn->me.sin_port);
+		vport = ntohs(conn->me.sin_port);
 	    }
 #endif
 	    snprintf(http->uri, url_sz, "%s://%s:%d%s",
@@ -2754,14 +2759,14 @@
 	    url_sz = strlen(url) + 32 + Config.appendDomainLen;
 	    http->uri = xcalloc(url_sz, 1);
 	    if (vport_mode)
-		vport = (int) ntohs(http->conn->me.sin_port);
+		vport = (int) ntohs(conn->me.sin_port);
 	    else
 		vport = (int) Config.Accel.port;
 #if IPF_TRANSPARENT
-	    natLookup.nl_inport = http->conn->me.sin_port;
-	    natLookup.nl_outport = http->conn->peer.sin_port;
-	    natLookup.nl_inip = http->conn->me.sin_addr;
-	    natLookup.nl_outip = http->conn->peer.sin_addr;
+	    natLookup.nl_inport = conn->me.sin_port;
+	    natLookup.nl_outport = conn->peer.sin_port;
+	    natLookup.nl_inip = conn->me.sin_addr;
+	    natLookup.nl_outip = conn->peer.sin_addr;
 	    natLookup.nl_flags = IPN_TCP;
 	    if (natfd < 0) {
 		int save_errno;
@@ -2805,7 +2810,7 @@
 		    return parseHttpRequestAbort(conn, "error:nat-lookup-failed");
 		} else
 		    snprintf(http->uri, url_sz, "http://%s:%d%s",
-			inet_ntoa(http->conn->me.sin_addr),
+			inet_ntoa(conn->me.sin_addr),
 			vport, url);
 	    } else {
 		if (vport_mode)
@@ -2823,10 +2828,10 @@
 		return parseHttpRequestAbort(conn, "error:pf-open-failed");
 	    }
 	    memset(&nl, 0, sizeof(struct pfioc_natlook));
-	    nl.saddr.v4.s_addr = http->conn->peer.sin_addr.s_addr;
-	    nl.sport = http->conn->peer.sin_port;
-	    nl.daddr.v4.s_addr = http->conn->me.sin_addr.s_addr;
-	    nl.dport = http->conn->me.sin_port;
+	    nl.saddr.v4.s_addr = conn->peer.sin_addr.s_addr;
+	    nl.sport = conn->peer.sin_port;
+	    nl.daddr.v4.s_addr = conn->me.sin_addr.s_addr;
+	    nl.dport = conn->me.sin_port;
 	    nl.af = AF_INET;
 	    nl.proto = IPPROTO_TCP;
 	    nl.direction = PF_OUT;
@@ -2838,7 +2843,7 @@
 		    return parseHttpRequestAbort(conn, "error:pf-lookup-failed");
 		} else
 		    snprintf(http->uri, url_sz, "http://%s:%d%s",
-			inet_ntoa(http->conn->me.sin_addr),
+			inet_ntoa(conn->me.sin_addr),
 			vport, url);
 	    } else
 		snprintf(http->uri, url_sz, "http://%s:%d%s",
@@ -2848,12 +2853,12 @@
 #if LINUX_NETFILTER
 	    /* If the call fails the address structure will be unchanged */
 	    getsockopt(conn->fd, SOL_IP, SO_ORIGINAL_DST, &conn->me, &sock_sz);
-	    debug(33, 5) ("parseHttpRequest: addr = %s", inet_ntoa(conn->me.sin_addr));
+	    debug(33, 5) ("parseHttpRequest: addr = %s\n", inet_ntoa(conn->me.sin_addr));
 	    if (vport_mode)
-		vport = (int) ntohs(http->conn->me.sin_port);
+		vport = (int) ntohs(conn->me.sin_port);
 #endif
 	    snprintf(http->uri, url_sz, "http://%s:%d%s",
-		inet_ntoa(http->conn->me.sin_addr),
+		inet_ntoa(conn->me.sin_addr),
 		vport, url);
 #endif
 	    debug(33, 5) ("VHOST REWRITE: '%s'\n", http->uri);