[Fwd: [PATCH] allow VLAN interface on top of bridge interface]

[Fwd: [PATCH] allow VLAN interface on top of bridge interface]

[Chuck Ebbert]

Date: Thu, 12 Apr 2007 21:50:00 +0200 (CEST)
From: Jerome Borsboom <j.borsboom@erasmusmc.nl>
To: linux-kernel@vger.kernel.org
Subject: [PATCH] allow VLAN interface on top of bridge interface
Message-ID: <Pine.LNX.4.64.0704122136330.3170@knorkaan.xs4all.nl>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk

When a VLAN interface is created on top of a bridge interface and 
netfilter is enabled to see the bridged packets, the packets can be 
corrupted when passing through the netfilter code. This is caused by the 
VLAN driver not setting the 'protocol' and 'nh' members of the sk_buff 
structure. In general, this is no problem as the VLAN interface is mostly 
connected to a physical ethernet interface which does not use the 
'protocol' and 'nh' members. For a bridge interface, however, these 
members do matter.

Signed-off-by: Jerome Borsboom <j.borsboom@erasmusmc.nl>


--- linux-2.6.20/net/8021q/vlan_dev.c 2007-02-04 19:44:54.000000000 +0100 
+++ linux-2.6.20/net/8021q/vlan_dev.c 2007-04-12 21:12:17.000000000 +0200 
@@ -380,6 +380,9 @@
 		} else {
 			vhdr->h_vlan_encapsulated_proto = htons(len);
 		}
+
+		skb->protocol = htons(ETH_P_8021Q);
+		skb->nh.raw = skb->data;
 	}

 	/* Before delegating work to the lower layer, enter our MAC-address */

Re: [Fwd: [PATCH] allow VLAN interface on top of bridge interface]

[David Miller]

Chuck, please reply to the poster and instruct them where they should
post the patch _AS WELL AS_ CC:'ing netdev and retaining the
linux-kernel CC, otherwise people will reply to both threads and
someone looking at one of them will not see replies done in the other.

Thanks.