--- zzzz-none-000/linux-4.1.38/net/ipv4/netfilter/nf_conntrack_proto_icmp.c	2017-01-18 18:48:06.000000000 +0000
+++ bcm63-7582-715/linux-4.1.38/net/ipv4/netfilter/nf_conntrack_proto_icmp.c	2020-11-25 10:06:48.000000000 +0000
@@ -131,6 +131,13 @@
 		 enum ip_conntrack_info *ctinfo,
 		 unsigned int hooknum)
 {
+#if defined(CONFIG_BCM_KF_NETFILTER)
+	struct inside {
+		struct icmphdr icmp;
+		struct iphdr ip;
+	} __attribute__((packed));
+	struct inside _in, *pIn; 
+#endif
 	struct nf_conntrack_tuple innertuple, origtuple;
 	const struct nf_conntrack_l4proto *innerproto;
 	const struct nf_conntrack_tuple_hash *h;
@@ -138,6 +145,13 @@
 
 	NF_CT_ASSERT(skb->nfct == NULL);
 
+#if defined(CONFIG_BCM_KF_NETFILTER)
+	/* Not enough header? */
+	pIn = skb_header_pointer(skb, ip_hdrlen(skb), sizeof(_in), &_in);
+	if (pIn == NULL)
+		return -NF_ACCEPT;
+#endif
+
 	/* Are they talking about one of our connections? */
 	if (!nf_ct_get_tuplepr(skb,
 			       skb_network_offset(skb) + ip_hdrlen(skb)
@@ -148,7 +162,13 @@
 	}
 
 	/* rcu_read_lock()ed by nf_hook_slow */
+#if defined(CONFIG_BCM_KF_NETFILTER)
+	innerproto = __nf_ct_l4proto_find(PF_INET, pIn->ip.protocol);
+	origtuple.src.u3.ip = pIn->ip.saddr;
+	origtuple.dst.u3.ip = pIn->ip.daddr;
+#else
 	innerproto = __nf_ct_l4proto_find(PF_INET, origtuple.dst.protonum);
+#endif
 
 	/* Ordinarily, we'd expect the inverted tupleproto, but it's
 	   been preserved inside the ICMP. */