Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 0b67c43c authored by Florian Westphal's avatar Florian Westphal Committed by Pablo Neira Ayuso
Browse files

netfilter: bridge: really save frag_max_size between PRE and POST_ROUTING 



We also need to save/store in forward, else br_parse_ip_options call
will zero frag_max_size as well.

Fixes: 93fdd47e ('bridge: Save frag_max_size between PRE_ROUTING and POST_ROUTING')
Signed-off-by: default avatarFlorian Westphal <fw@strlen.de>
Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
parent c5035c77

net/bridge/br_netfilter.c

+15 −2
Original line number Diff line number Diff line
@@ -686,6 +686,13 @@ static int br_nf_forward_finish(struct sk_buff *skb) 
	struct net_device *in;



	if (!IS_ARP(skb) && !IS_VLAN_ARP(skb)) {

		int frag_max_size;



		if (skb->protocol == htons(ETH_P_IP)) {

			frag_max_size = IPCB(skb)->frag_max_size;

			BR_INPUT_SKB_CB(skb)->frag_max_size = frag_max_size;

		}



		in = nf_bridge->physindev;

		if (nf_bridge->mask & BRNF_PKT_TYPE) {

			skb->pkt_type = PACKET_OTHERHOST;
@@ -745,9 +752,15 @@ static unsigned int br_nf_forward_ip(const struct nf_hook_ops *ops, 
		nf_bridge->mask |= BRNF_PKT_TYPE;

	}



	if (pf == NFPROTO_IPV4 && br_parse_ip_options(skb))

	if (pf == NFPROTO_IPV4) {

		int frag_max = BR_INPUT_SKB_CB(skb)->frag_max_size;



		if (br_parse_ip_options(skb))

			return NF_DROP;



		IPCB(skb)->frag_max_size = frag_max;

	}



	nf_bridge->physoutdev = skb->dev;

	if (pf == NFPROTO_IPV4)

		skb->protocol = htons(ETH_P_IP);