Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 0e5eabac authored by Stephen Hemminger's avatar Stephen Hemminger Committed by David S. Miller
Browse files

[BRIDGE]: filter packets in learning state 



While in the learning state, run filters but drop the result.
This prevents us from acquiring bad fdb entries in learning state.

Signed-off-by: default avatarStephen Hemminger <shemminger@osdl.org>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent 4433f420

net/bridge/br_input.c

+7 −4
Original line number Diff line number Diff line
@@ -53,6 +53,11 @@ int br_handle_frame_finish(struct sk_buff *skb) 
	/* insert into forwarding database after filtering to avoid spoofing */

	br_fdb_update(p->br, p, eth_hdr(skb)->h_source);



	if (p->state == BR_STATE_LEARNING) {

		kfree_skb(skb);

		goto out;

	}



	if (br->dev->flags & IFF_PROMISC) {

		struct sk_buff *skb2;
@@ -107,9 +112,6 @@ int br_handle_frame(struct net_bridge_port *p, struct sk_buff **pskb) 
	if (!is_valid_ether_addr(eth_hdr(skb)->h_source))

		goto err;



	if (p->state == BR_STATE_LEARNING)

		br_fdb_update(p->br, p, eth_hdr(skb)->h_source);



	if (p->br->stp_enabled &&

	    !memcmp(dest, bridge_ula, 5) &&

	    !(dest[5] & 0xF0)) {
@@ -118,9 +120,10 @@ int br_handle_frame(struct net_bridge_port *p, struct sk_buff **pskb) 
				NULL, br_stp_handle_bpdu);

			return 1;

		}

		goto err;

	}



	else if (p->state == BR_STATE_FORWARDING) {

	if (p->state == BR_STATE_FORWARDING || p->state == BR_STATE_LEARNING) {

		if (br_should_route_hook) {

			if (br_should_route_hook(pskb)) 

				return 0;