mirror of https://github.com/torvalds/linux.git
aa04c6f45b
The config NF_CONNTRACK_BRIDGE will change the bridge forwarding for
fragmented packets.
The original bridge does not know that it is a fragmented packet and
forwards it directly, after NF_CONNTRACK_BRIDGE is enabled, function
nf_br_ip_fragment and br_ip6_fragment will check the headroom.
In original br_forward, insufficient headroom of skb may indeed exist,
but there's still a way to save the skb in the device driver after
dev_queue_xmit.So droping the skb will change the original bridge
forwarding in some cases.
Fixes:
|
||
|---|---|---|
| .. | ||
| Kconfig | ||
| Makefile | ||
| ebt_802_3.c | ||
| ebt_among.c | ||
| ebt_arp.c | ||
| ebt_arpreply.c | ||
| ebt_dnat.c | ||
| ebt_ip.c | ||
| ebt_ip6.c | ||
| ebt_limit.c | ||
| ebt_log.c | ||
| ebt_mark.c | ||
| ebt_mark_m.c | ||
| ebt_nflog.c | ||
| ebt_pkttype.c | ||
| ebt_redirect.c | ||
| ebt_snat.c | ||
| ebt_stp.c | ||
| ebt_vlan.c | ||
| ebtable_broute.c | ||
| ebtable_filter.c | ||
| ebtable_nat.c | ||
| ebtables.c | ||
| nf_conntrack_bridge.c | ||
| nft_meta_bridge.c | ||
| nft_reject_bridge.c | ||