diff options
author | Felix Fietkau <nbd@nbd.name> | 2021-03-24 04:30:48 +0300 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2021-03-24 22:48:39 +0300 |
commit | 26267bf9bb57d504c785d8659adc8e02b6629c95 (patch) | |
tree | 1aff391d24412388d48b3c93dbccfb4dd4b3aacd /net/netfilter/nf_flow_table_offload.c | |
parent | 73f97025a972cd1506e8b1986264b2fb8833df7c (diff) | |
download | linux-26267bf9bb57d504c785d8659adc8e02b6629c95.tar.xz |
netfilter: flowtable: bridge vlan hardware offload and switchdev
The switch might have already added the VLAN tag through PVID hardware
offload. Keep this extra VLAN in the flowtable but skip it on egress.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/netfilter/nf_flow_table_offload.c')
-rw-r--r-- | net/netfilter/nf_flow_table_offload.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/net/netfilter/nf_flow_table_offload.c b/net/netfilter/nf_flow_table_offload.c index e0d079601fcb..9326ba74745e 100644 --- a/net/netfilter/nf_flow_table_offload.c +++ b/net/netfilter/nf_flow_table_offload.c @@ -594,8 +594,12 @@ nf_flow_rule_route_common(struct net *net, const struct flow_offload *flow, other_tuple = &flow->tuplehash[!dir].tuple; for (i = 0; i < other_tuple->encap_num; i++) { - struct flow_action_entry *entry = flow_action_entry_next(flow_rule); + struct flow_action_entry *entry; + if (other_tuple->in_vlan_ingress & BIT(i)) + continue; + + entry = flow_action_entry_next(flow_rule); entry->id = FLOW_ACTION_VLAN_PUSH; entry->vlan.vid = other_tuple->encap[i].id; entry->vlan.proto = other_tuple->encap[i].proto; |