diff options
author | Bart De Schuymer <bdschuym@pandora.be> | 2010-04-20 10:22:01 -0400 |
---|---|---|
committer | Patrick McHardy <kaber@trash.net> | 2010-04-20 10:22:01 -0400 |
commit | 6c79bf0f2440fd250c8fce8d9b82fcf03d4e8350 (patch) | |
tree | 408e0680cac66c1a2ab6350de15a9c623da905a7 /net/bridge | |
parent | 62910554656cdcd6b6f84a5154c4155aae4ca231 (diff) |
netfilter: bridge-netfilter: fix refragmenting IP traffic encapsulated in PPPoE traffic
The MTU for IP traffic encapsulated inside PPPoE traffic is smaller
than the MTU of the Ethernet device (1500). Connection tracking
gathers all IP packets and sometimes will refragment them in
ip_fragment(). We then need to subtract the length of the
encapsulating header from the mtu used in ip_fragment(). The check in
br_nf_dev_queue_xmit() which determines if ip_fragment() has to be
called is also updated for the PPPoE-encapsulated packets.
nf_bridge_copy_header() is also updated to make sure the PPPoE data
length field has the correct value.
Signed-off-by: Bart De Schuymer <bdschuym@pandora.be>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Diffstat (limited to 'net/bridge')
-rw-r--r-- | net/bridge/br_netfilter.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/net/bridge/br_netfilter.c b/net/bridge/br_netfilter.c index 6b80ebc37667..93f80fefa496 100644 --- a/net/bridge/br_netfilter.c +++ b/net/bridge/br_netfilter.c | |||
@@ -745,7 +745,7 @@ static unsigned int br_nf_forward_arp(unsigned int hook, struct sk_buff *skb, | |||
745 | static int br_nf_dev_queue_xmit(struct sk_buff *skb) | 745 | static int br_nf_dev_queue_xmit(struct sk_buff *skb) |
746 | { | 746 | { |
747 | if (skb->nfct != NULL && skb->protocol == htons(ETH_P_IP) && | 747 | if (skb->nfct != NULL && skb->protocol == htons(ETH_P_IP) && |
748 | skb->len > skb->dev->mtu && | 748 | skb->len + nf_bridge_mtu_reduction(skb) > skb->dev->mtu && |
749 | !skb_is_gso(skb)) | 749 | !skb_is_gso(skb)) |
750 | return ip_fragment(skb, br_dev_queue_push_xmit); | 750 | return ip_fragment(skb, br_dev_queue_push_xmit); |
751 | else | 751 | else |