diff options
| author | Pablo Neira Ayuso <pablo@netfilter.org> | 2021-04-12 14:20:55 +0200 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2021-04-18 22:02:21 +0200 |
| commit | 783003f3bb8a565326e89d18bbd948ad8ffc816a (patch) | |
| tree | 51ff62c4a2bd1c2ceebb43681ddbaae669db0b9e /net/ipv6/netfilter.c | |
| parent | ff4d90a89d3d4d9814e0a2696509a7d495be4163 (diff) | |
| download | linux-783003f3bb8a565326e89d18bbd948ad8ffc816a.tar.gz linux-783003f3bb8a565326e89d18bbd948ad8ffc816a.tar.bz2 linux-783003f3bb8a565326e89d18bbd948ad8ffc816a.zip | |
netfilter: nftables_offload: special ethertype handling for VLAN
The nftables offload parser sets FLOW_DISSECTOR_KEY_BASIC .n_proto to the
ethertype field in the ethertype frame. However:
- FLOW_DISSECTOR_KEY_BASIC .n_proto field always stores either IPv4 or IPv6
ethertypes.
- FLOW_DISSECTOR_KEY_VLAN .vlan_tpid stores either the 802.1q and 802.1ad
ethertypes. Same as for FLOW_DISSECTOR_KEY_CVLAN.
This function adjusts the flow dissector to handle two scenarios:
1) FLOW_DISSECTOR_KEY_VLAN .vlan_tpid is set to 802.1q or 802.1ad.
Then, transfer:
- the .n_proto field to FLOW_DISSECTOR_KEY_VLAN .tpid.
- the original FLOW_DISSECTOR_KEY_VLAN .tpid to the
FLOW_DISSECTOR_KEY_CVLAN .tpid
- the original FLOW_DISSECTOR_KEY_CVLAN .tpid to the .n_proto field.
2) .n_proto is set to 802.1q or 802.1ad. Then, transfer:
- the .n_proto field to FLOW_DISSECTOR_KEY_VLAN .tpid.
- the original FLOW_DISSECTOR_KEY_VLAN .tpid to the .n_proto field.
Fixes: a82055af5959 ("netfilter: nft_payload: add VLAN offload support")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net/ipv6/netfilter.c')
0 files changed, 0 insertions, 0 deletions