FEX-Emu/linux
1
0
Fork 0
mirror of https://github.com/FEX-Emu/linux.git synced 2025-01-06 09:29:41 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
efb6de9b4b
linux/net/bridge
History
Bernhard Thaler efb6de9b4b netfilter: bridge: forward IPv6 fragmented packets 
IPv6 fragmented packets are not forwarded on an ethernet bridge
with netfilter ip6_tables loaded. e.g. steps to reproduce

1) create a simple bridge like this

        modprobe br_netfilter
        brctl addbr br0
        brctl addif br0 eth0
        brctl addif br0 eth2
        ifconfig eth0 up
        ifconfig eth2 up
        ifconfig br0 up

2) place a host with an IPv6 address on each side of the bridge

        set IPv6 address on host A:
        ip -6 addr add fd01:2345:6789:1::1/64 dev eth0

        set IPv6 address on host B:
        ip -6 addr add fd01:2345:6789:1::2/64 dev eth0

3) run a simple ping command on host A with packets > MTU

        ping6 -s 4000 fd01:2345:6789:1::2

4) wait some time and run e.g. "ip6tables -t nat -nvL" on the bridge

IPv6 fragmented packets traverse the bridge cleanly until somebody runs.
"ip6tables -t nat -nvL". As soon as it is run (and netfilter modules are
loaded) IPv6 fragmented packets do not traverse the bridge any more (you
see no more responses in ping's output).

After applying this patch IPv6 fragmented packets traverse the bridge
cleanly in above scenario.

Signed-off-by: Bernhard Thaler <bernhard.thaler@wvnet.at>
[pablo@netfilter.org: small changes to br_nf_dev_queue_xmit]
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2015-06-12 14:10:12 +02:00
..
netfilter Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2015-06-01 22:51:30 -07:00
br_device.c netfilter: bridge: use rcu hook to resolve br_netfilter dependency 2015-03-10 15:03:02 +01:00
br_fdb.c bridge: make br_fdb_delete also check if the port matches 2015-06-10 21:58:13 -07:00
br_forward.c netfilter: Pass socket pointer down through okfn(). 2015-04-07 15:25:55 -04:00
br_if.c bridge: reset bridge mtu after deleting an interface 2015-03-14 19:12:38 -04:00
br_input.c netfilter: Pass socket pointer down through okfn(). 2015-04-07 15:25:55 -04:00
br_ioctl.c
br_mdb.c bridge/mdb: remove wrong use of NLM_F_MULTI 2015-04-29 14:59:16 -04:00
br_multicast.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2015-06-01 22:51:30 -07:00
br_netfilter.c netfilter: bridge: forward IPv6 fragmented packets 2015-06-12 14:10:12 +02:00
br_netlink.c bridge: revert br_dellink change back to original 2015-05-12 18:43:55 -04:00
br_nf_core.c net: Remove protocol from struct dst_ops 2015-03-09 16:06:10 -04:00
br_private_stp.h
br_private.h netfilter: bridge: forward IPv6 fragmented packets 2015-06-12 14:10:12 +02:00
br_stp_bpdu.c netfilter: Pass socket pointer down through okfn(). 2015-04-07 15:25:55 -04:00
br_stp_if.c net: bridge: add a br_set_state helper function 2014-10-01 22:03:50 -04:00
br_stp_timer.c bridge: fix lockdep splat 2015-05-22 16:23:56 -04:00
br_stp.c switchdev: don't use anonymous union on switchdev attr/obj structs 2015-05-13 14:20:59 -04:00
br_sysfs_br.c bridge: Add a default_pvid sysfs attribute 2014-10-05 21:21:36 -04:00
br_sysfs_if.c bridge: Extend Proxy ARP design to allow optional rules for Wi-Fi 2015-03-05 14:52:23 -05:00
br_vlan.c net: rename vlan_tx_* helpers since "tx" is misleading there 2015-01-13 17:51:08 -05:00
br.c switchdev: s/netdev_switch_/switchdev_/ and s/NETDEV_SWITCH_/SWITCHDEV_/ 2015-05-12 18:43:52 -04:00
Kconfig
Makefile netfilter: bridge: build br_nf_core only if required 2014-09-30 14:07:51 -04:00