]>
Commit | Line | Data |
---|---|---|
1da177e4 LT |
1 | /* |
2 | * Forwarding decision | |
3 | * Linux ethernet bridge | |
4 | * | |
5 | * Authors: | |
6 | * Lennert Buytenhek <buytenh@gnu.org> | |
7 | * | |
1da177e4 LT |
8 | * This program is free software; you can redistribute it and/or |
9 | * modify it under the terms of the GNU General Public License | |
10 | * as published by the Free Software Foundation; either version | |
11 | * 2 of the License, or (at your option) any later version. | |
12 | */ | |
13 | ||
14 | #include <linux/kernel.h> | |
15 | #include <linux/netdevice.h> | |
16 | #include <linux/skbuff.h> | |
85ca719e | 17 | #include <linux/if_vlan.h> |
1da177e4 LT |
18 | #include <linux/netfilter_bridge.h> |
19 | #include "br_private.h" | |
20 | ||
9ef513be | 21 | /* Don't forward packets to originating port or forwarding diasabled */ |
9d6f229f | 22 | static inline int should_deliver(const struct net_bridge_port *p, |
1da177e4 LT |
23 | const struct sk_buff *skb) |
24 | { | |
3982d3d2 FA |
25 | return (((p->flags & BR_HAIRPIN_MODE) || skb->dev != p->dev) && |
26 | p->state == BR_STATE_FORWARDING); | |
1da177e4 LT |
27 | } |
28 | ||
85ca719e SH |
29 | static inline unsigned packet_length(const struct sk_buff *skb) |
30 | { | |
31 | return skb->len - (skb->protocol == htons(ETH_P_8021Q) ? VLAN_HLEN : 0); | |
32 | } | |
33 | ||
1da177e4 LT |
34 | int br_dev_queue_push_xmit(struct sk_buff *skb) |
35 | { | |
7967168c | 36 | /* drop mtu oversized packets except gso */ |
89114afd | 37 | if (packet_length(skb) > skb->dev->mtu && !skb_is_gso(skb)) |
1da177e4 LT |
38 | kfree_skb(skb); |
39 | else { | |
1da177e4 | 40 | /* ip_refrag calls ip_fragment, doesn't copy the MAC header. */ |
3a13813e SH |
41 | if (nf_bridge_maybe_copy_header(skb)) |
42 | kfree_skb(skb); | |
07317621 | 43 | else { |
3a13813e | 44 | skb_push(skb, ETH_HLEN); |
1da177e4 | 45 | |
3a13813e SH |
46 | dev_queue_xmit(skb); |
47 | } | |
1da177e4 LT |
48 | } |
49 | ||
50 | return 0; | |
51 | } | |
52 | ||
53 | int br_forward_finish(struct sk_buff *skb) | |
54 | { | |
9ef513be SH |
55 | return NF_HOOK(PF_BRIDGE, NF_BR_POST_ROUTING, skb, NULL, skb->dev, |
56 | br_dev_queue_push_xmit); | |
1da177e4 | 57 | |
1da177e4 LT |
58 | } |
59 | ||
60 | static void __br_deliver(const struct net_bridge_port *to, struct sk_buff *skb) | |
61 | { | |
62 | skb->dev = to->dev; | |
1da177e4 LT |
63 | NF_HOOK(PF_BRIDGE, NF_BR_LOCAL_OUT, skb, NULL, skb->dev, |
64 | br_forward_finish); | |
65 | } | |
66 | ||
67 | static void __br_forward(const struct net_bridge_port *to, struct sk_buff *skb) | |
68 | { | |
69 | struct net_device *indev; | |
70 | ||
4906f998 HX |
71 | if (skb_warn_if_lro(skb)) { |
72 | kfree_skb(skb); | |
73 | return; | |
74 | } | |
75 | ||
1da177e4 LT |
76 | indev = skb->dev; |
77 | skb->dev = to->dev; | |
35fc92a9 | 78 | skb_forward_csum(skb); |
1da177e4 LT |
79 | |
80 | NF_HOOK(PF_BRIDGE, NF_BR_FORWARD, skb, indev, skb->dev, | |
81 | br_forward_finish); | |
82 | } | |
83 | ||
84 | /* called with rcu_read_lock */ | |
85 | void br_deliver(const struct net_bridge_port *to, struct sk_buff *skb) | |
86 | { | |
87 | if (should_deliver(to, skb)) { | |
88 | __br_deliver(to, skb); | |
89 | return; | |
90 | } | |
91 | ||
92 | kfree_skb(skb); | |
93 | } | |
94 | ||
95 | /* called with rcu_read_lock */ | |
96 | void br_forward(const struct net_bridge_port *to, struct sk_buff *skb) | |
97 | { | |
4906f998 | 98 | if (should_deliver(to, skb)) { |
1da177e4 LT |
99 | __br_forward(to, skb); |
100 | return; | |
101 | } | |
102 | ||
103 | kfree_skb(skb); | |
104 | } | |
105 | ||
106 | /* called under bridge lock */ | |
e081e1e3 | 107 | static void br_flood(struct net_bridge *br, struct sk_buff *skb, |
b33084be HX |
108 | struct sk_buff *skb0, |
109 | void (*__packet_hook)(const struct net_bridge_port *p, | |
110 | struct sk_buff *skb)) | |
1da177e4 LT |
111 | { |
112 | struct net_bridge_port *p; | |
113 | struct net_bridge_port *prev; | |
6088a539 | 114 | struct net_device *dev = BR_INPUT_SKB_CB(skb)->brdev; |
1da177e4 | 115 | |
1da177e4 LT |
116 | prev = NULL; |
117 | ||
118 | list_for_each_entry_rcu(p, &br->port_list, list) { | |
119 | if (should_deliver(p, skb)) { | |
120 | if (prev != NULL) { | |
121 | struct sk_buff *skb2; | |
122 | ||
123 | if ((skb2 = skb_clone(skb, GFP_ATOMIC)) == NULL) { | |
6088a539 | 124 | dev->stats.tx_dropped++; |
b33084be | 125 | goto out; |
1da177e4 LT |
126 | } |
127 | ||
128 | __packet_hook(prev, skb2); | |
129 | } | |
130 | ||
131 | prev = p; | |
132 | } | |
133 | } | |
134 | ||
b33084be HX |
135 | if (!prev) |
136 | goto out; | |
137 | ||
138 | if (skb0) { | |
139 | skb = skb_clone(skb, GFP_ATOMIC); | |
140 | if (!skb) { | |
6088a539 | 141 | dev->stats.tx_dropped++; |
b33084be HX |
142 | goto out; |
143 | } | |
1da177e4 | 144 | } |
b33084be HX |
145 | __packet_hook(prev, skb); |
146 | return; | |
1da177e4 | 147 | |
b33084be HX |
148 | out: |
149 | if (!skb0) | |
150 | kfree_skb(skb); | |
1da177e4 LT |
151 | } |
152 | ||
153 | ||
154 | /* called with rcu_read_lock */ | |
e081e1e3 | 155 | void br_flood_deliver(struct net_bridge *br, struct sk_buff *skb) |
1da177e4 | 156 | { |
b33084be | 157 | br_flood(br, skb, NULL, __br_deliver); |
1da177e4 LT |
158 | } |
159 | ||
160 | /* called under bridge lock */ | |
b33084be HX |
161 | void br_flood_forward(struct net_bridge *br, struct sk_buff *skb, |
162 | struct sk_buff *skb2) | |
1da177e4 | 163 | { |
b33084be | 164 | br_flood(br, skb, skb2, __br_forward); |
1da177e4 | 165 | } |