[VLAN]: Allow VLAN interface on top of bridge interface
When a VLAN interface is created on top of a bridge interface and netfilter is enabled to see the bridged packets, the packets can be corrupted when passing through the netfilter code. This is caused by the VLAN driver not setting the 'protocol' and 'nh' members of the sk_buff structure. In general, this is no problem as the VLAN interface is mostly connected to a physical ethernet interface which does not use the 'protocol' and 'nh' members. For a bridge interface, however, these members do matter. Signed-off-by: Jerome Borsboom <j.borsboom@erasmusmc.nl> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
parent
09fe3ef46c
commit
279e172a58
1 changed files with 3 additions and 0 deletions
|
@ -380,6 +380,9 @@ int vlan_dev_hard_header(struct sk_buff *skb, struct net_device *dev,
|
|||
} else {
|
||||
vhdr->h_vlan_encapsulated_proto = htons(len);
|
||||
}
|
||||
|
||||
skb->protocol = htons(ETH_P_8021Q);
|
||||
skb->nh.raw = skb->data;
|
||||
}
|
||||
|
||||
/* Before delegating work to the lower layer, enter our MAC-address */
|
||||
|
|
Loading…
Reference in a new issue