fedora core 6 1.2949 + vserver 2.2.0

[linux-2.6.git] / net / bridge / br_forward.c

diff --git a/net/bridge/br_forward.c b/net/bridge/br_forward.c
index ef9f209..191b861 100644 (file)
--- a/net/bridge/br_forward.c
+++ b/net/bridge/br_forward.c
@@ -16,31 +16,36 @@
 #include <linux/kernel.h>
 #include <linux/netdevice.h>
 #include <linux/skbuff.h>
+#include <linux/if_vlan.h>
 #include <linux/netfilter_bridge.h>
 #include "br_private.h"
 
+/* Don't forward packets to originating port or forwarding diasabled */
 static inline int should_deliver(const struct net_bridge_port *p, 
                                 const struct sk_buff *skb)
 {
-       if (skb->dev == p->dev ||
-           p->state != BR_STATE_FORWARDING)
-               return 0;
+       return (skb->dev != p->dev && p->state == BR_STATE_FORWARDING);
+}
 
-       return 1;
+static inline unsigned packet_length(const struct sk_buff *skb)
+{
+       return skb->len - (skb->protocol == htons(ETH_P_8021Q) ? VLAN_HLEN : 0);
 }
 
 int br_dev_queue_push_xmit(struct sk_buff *skb)
 {
-       if (skb->len > skb->dev->mtu) 
+       /* drop mtu oversized packets except gso */
+       if (packet_length(skb) > skb->dev->mtu && !skb_is_gso(skb))
                kfree_skb(skb);
        else {
-#ifdef CONFIG_BRIDGE_NETFILTER
                /* ip_refrag calls ip_fragment, doesn't copy the MAC header. */
-               nf_bridge_maybe_copy_header(skb);
-#endif
-               skb_push(skb, ETH_HLEN);
+               if (nf_bridge_maybe_copy_header(skb))
+                       kfree_skb(skb);
+               else {
+                       skb_push(skb, ETH_HLEN);
 
-               dev_queue_xmit(skb);
+                       dev_queue_xmit(skb);
+               }
        }
 
        return 0;
@@ -48,18 +53,14 @@ int br_dev_queue_push_xmit(struct sk_buff *skb)
 
 int br_forward_finish(struct sk_buff *skb)
 {
-       NF_HOOK(PF_BRIDGE, NF_BR_POST_ROUTING, skb, NULL, skb->dev,
-                       br_dev_queue_push_xmit);
+       return NF_HOOK(PF_BRIDGE, NF_BR_POST_ROUTING, skb, NULL, skb->dev,
+                      br_dev_queue_push_xmit);
 
-       return 0;
 }
 
 static void __br_deliver(const struct net_bridge_port *to, struct sk_buff *skb)
 {
        skb->dev = to->dev;
-#ifdef CONFIG_NETFILTER_DEBUG
-       skb->nf_debug = 0;
-#endif
        NF_HOOK(PF_BRIDGE, NF_BR_LOCAL_OUT, skb, NULL, skb->dev,
                        br_forward_finish);
 }