#include <linux/kernel.h>
#include <linux/netdevice.h>
#include <linux/skbuff.h>
+#include <linux/if_vlan.h>
#include <linux/netfilter_bridge.h>
#include "br_private.h"
const struct sk_buff *skb)
{
if (skb->dev == p->dev ||
- skb->len > p->dev->mtu ||
p->state != BR_STATE_FORWARDING)
return 0;
return 1;
}
+static inline unsigned packet_length(const struct sk_buff *skb)
+{
+ return skb->len - (skb->protocol == htons(ETH_P_8021Q) ? VLAN_HLEN : 0);
+}
+
int br_dev_queue_push_xmit(struct sk_buff *skb)
{
+ /* drop mtu oversized packets except tso */
+ if (skb->len > skb->dev->mtu && !skb_is_gso(skb))
+ kfree_skb(skb);
+ else {
#ifdef CONFIG_BRIDGE_NETFILTER
- /* ip_refrag calls ip_fragment, which doesn't copy the MAC header. */
- nf_bridge_maybe_copy_header(skb);
+ /* ip_refrag calls ip_fragment, doesn't copy the MAC header. */
+ if (nf_bridge_maybe_copy_header(skb))
+ kfree_skb(skb);
+ else
#endif
- skb_push(skb, ETH_HLEN);
+ {
+ skb_push(skb, ETH_HLEN);
- dev_queue_xmit(skb);
+ dev_queue_xmit(skb);
+ }
+ }
return 0;
}
static void __br_deliver(const struct net_bridge_port *to, struct sk_buff *skb)
{
skb->dev = to->dev;
-#ifdef CONFIG_NETFILTER_DEBUG
- skb->nf_debug = 0;
-#endif
NF_HOOK(PF_BRIDGE, NF_BR_LOCAL_OUT, skb, NULL, skb->dev,
br_forward_finish);
}
git://git.onelab.eu / linux-2.6.git / blobdiff