Fw: [PATCH] allow VLAN interface on top of bridge interface

Fw: [PATCH] allow VLAN interface on top of bridge interface

[Andrew Morton]

Begin forwarded message:

Date: Thu, 12 Apr 2007 21:50:00 +0200 (CEST)
From: Jerome Borsboom <j.borsboom@erasmusmc.nl>
To: linux-kernel@vger.kernel.org
Subject: [PATCH] allow VLAN interface on top of bridge interface


When a VLAN interface is created on top of a bridge interface and 
netfilter is enabled to see the bridged packets, the packets can be 
corrupted when passing through the netfilter code. This is caused by the 
VLAN driver not setting the 'protocol' and 'nh' members of the sk_buff 
structure. In general, this is no problem as the VLAN interface is mostly 
connected to a physical ethernet interface which does not use the 
'protocol' and 'nh' members. For a bridge interface, however, these 
members do matter.

Signed-off-by: Jerome Borsboom <j.borsboom@erasmusmc.nl>


--- linux-2.6.20/net/8021q/vlan_dev.c 2007-02-04 19:44:54.000000000 +0100 
+++ linux-2.6.20/net/8021q/vlan_dev.c 2007-04-12 21:12:17.000000000 +0200 
@@ -380,6 +380,9 @@
  		} else {
  			vhdr->h_vlan_encapsulated_proto = htons(len);
  		}
+
+		skb->protocol = htons(ETH_P_8021Q);
+		skb->nh.raw = skb->data;
  	}

  	/* Before delegating work to the lower layer, enter our MAC-address */
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Re: Fw: [PATCH] allow VLAN interface on top of bridge interface

[Ben Greear]

Andrew Morton wrote:
> 
> Begin forwarded message:
> 
> Date: Thu, 12 Apr 2007 21:50:00 +0200 (CEST)
> From: Jerome Borsboom <j.borsboom@erasmusmc.nl>
> To: linux-kernel@vger.kernel.org
> Subject: [PATCH] allow VLAN interface on top of bridge interface
> 
> 
> When a VLAN interface is created on top of a bridge interface and 
> netfilter is enabled to see the bridged packets, the packets can be 
> corrupted when passing through the netfilter code. This is caused by the 
> VLAN driver not setting the 'protocol' and 'nh' members of the sk_buff 
> structure. In general, this is no problem as the VLAN interface is mostly 
> connected to a physical ethernet interface which does not use the 
> 'protocol' and 'nh' members. For a bridge interface, however, these 
> members do matter.

Why only do this inside that if clause?  I can see only setting
nh.raw in that clause, but it seems like the protocol should be set
regardless.

Thanks,
Ben


> 
> Signed-off-by: Jerome Borsboom <j.borsboom@erasmusmc.nl>
> 
> 
> --- linux-2.6.20/net/8021q/vlan_dev.c 2007-02-04 19:44:54.000000000 +0100 
> +++ linux-2.6.20/net/8021q/vlan_dev.c 2007-04-12 21:12:17.000000000 +0200 
> @@ -380,6 +380,9 @@
>   		} else {
>   			vhdr->h_vlan_encapsulated_proto = htons(len);
>   		}
> +
> +		skb->protocol = htons(ETH_P_8021Q);
> +		skb->nh.raw = skb->data;
>   	}
> 
>   	/* Before delegating work to the lower layer, enter our MAC-address */
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at  http://www.tux.org/lkml/
> -
> To unsubscribe from this list: send the line "unsubscribe netdev" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html


-- 
Ben Greear <greearb@candelatech.com>
Candela Technologies Inc  http://www.candelatech.com

Re: [PATCH] allow VLAN interface on top of bridge interface

[David Miller]

This is the second time this patch has been forwarded to netdev
in the past hour.

And I'll say the same thing I said to the first person who did it this
way.  Because you just blindly forwarded this here, and did not tell
the orignal poster why, and furthermore took linux-kernel off the CC
list, we now have two problems:

1) The poster hasn't learned where the correct location is
   to send the report and why that is the correct place.
   They just see their report getting forwarded around.

2) Since linux-kernel got dropped, people will reply to both
   instances of the original posting, so people watching the
   thread one on side will miss the postings made on the
   other.

I'd appreciate it if the poster were explicitly informed of where
they should send their report as well as retaining linux-kernel
on the CC: list if forwarding to netdev as well so we can avoid
both of these problems.

Thanks.

Re: [PATCH] allow VLAN interface on top of bridge interface

[David Miller]

From: Ben Greear <greearb@candelatech.com>
Date: Thu, 12 Apr 2007 14:45:07 -0700

> Andrew Morton wrote:
> > 
> > Begin forwarded message:
> > 
> > Date: Thu, 12 Apr 2007 21:50:00 +0200 (CEST)
> > From: Jerome Borsboom <j.borsboom@erasmusmc.nl>
> > To: linux-kernel@vger.kernel.org
> > Subject: [PATCH] allow VLAN interface on top of bridge interface
> > 
> > 
> > When a VLAN interface is created on top of a bridge interface and 
> > netfilter is enabled to see the bridged packets, the packets can be 
> > corrupted when passing through the netfilter code. This is caused by the 
> > VLAN driver not setting the 'protocol' and 'nh' members of the sk_buff 
> > structure. In general, this is no problem as the VLAN interface is mostly 
> > connected to a physical ethernet interface which does not use the 
> > 'protocol' and 'nh' members. For a bridge interface, however, these 
> > members do matter.
> 
> Why only do this inside that if clause?  I can see only setting
> nh.raw in that clause, but it seems like the protocol should be set
> regardless.

Because outside the if clause we are making the packet look
like a normal ethernet frame to the rest of the stack, and
only adding the VLAN tag at the very last moment in
->hard_start_xmit().