linux 2.6.16.38 w/ vs2.0.3-rc1

[linux-2.6.git] / net / bridge / br_forward.c

diff --git a/net/bridge/br_forward.c b/net/bridge/br_forward.c
index fd5fa75..dac7f06 100644 (file)
--- a/net/bridge/br_forward.c
+++ b/net/bridge/br_forward.c
@@ -23,7 +23,6 @@ static inline int should_deliver(const struct net_bridge_port *p,
                                 const struct sk_buff *skb)
 {
        if (skb->dev == p->dev ||
-           skb->len > p->dev->mtu ||
            p->state != BR_STATE_FORWARDING)
                return 0;
 
@@ -32,13 +31,22 @@ static inline int should_deliver(const struct net_bridge_port *p,
 
 int br_dev_queue_push_xmit(struct sk_buff *skb)
 {
+       /* drop mtu oversized packets except tso */
+       if (skb->len > skb->dev->mtu && !skb_shinfo(skb)->tso_size)
+               kfree_skb(skb);
+       else {
 #ifdef CONFIG_BRIDGE_NETFILTER
-       /* ip_refrag calls ip_fragment, which doesn't copy the MAC header. */
-       nf_bridge_maybe_copy_header(skb);
+               /* ip_refrag calls ip_fragment, doesn't copy the MAC header. */
+               if (nf_bridge_maybe_copy_header(skb))
+                       kfree_skb(skb);
+               else
 #endif
-       skb_push(skb, ETH_HLEN);
+               {
+                       skb_push(skb, ETH_HLEN);
 
-       dev_queue_xmit(skb);
+                       dev_queue_xmit(skb);
+               }
+       }
 
        return 0;
 }
@@ -54,9 +62,6 @@ int br_forward_finish(struct sk_buff *skb)
 static void __br_deliver(const struct net_bridge_port *to, struct sk_buff *skb)
 {
        skb->dev = to->dev;
-#ifdef CONFIG_NETFILTER_DEBUG
-       skb->nf_debug = 0;
-#endif
        NF_HOOK(PF_BRIDGE, NF_BR_LOCAL_OUT, skb, NULL, skb->dev,
                        br_forward_finish);
 }