netfilter: bridge-netfilter: fix refragmenting IP traffic encapsulated in PPPoE traffic

[net-next-2.6.git] / include / linux / netfilter_bridge.h

diff --git a/include/linux/netfilter_bridge.h b/include/linux/netfilter_bridge.h
index f8105e54716a76bccdfbbcdcf9b7c34a974d2906..0ddd161f3b060c2e2ec0d665c1ddc719213443f7 100644 (file)
--- a/include/linux/netfilter_bridge.h
+++ b/include/linux/netfilter_bridge.h
@@ -41,10 +41,10 @@ enum nf_br_hook_priorities {
 
 #define BRNF_PKT_TYPE                  0x01
 #define BRNF_BRIDGED_DNAT              0x02
-#define BRNF_DONT_TAKE_PARENT          0x04
-#define BRNF_BRIDGED                   0x08
-#define BRNF_NF_BRIDGE_PREROUTING      0x10
-
+#define BRNF_BRIDGED                   0x04
+#define BRNF_NF_BRIDGE_PREROUTING      0x08
+#define BRNF_8021Q                     0x10
+#define BRNF_PPPoE                     0x20
 
 /* Only used in br_forward.c */
 extern int nf_bridge_copy_header(struct sk_buff *skb);
@@ -68,6 +68,27 @@ static inline unsigned int nf_bridge_encap_header_len(const struct sk_buff *skb)
        }
 }
 
+static inline unsigned int nf_bridge_mtu_reduction(const struct sk_buff *skb)
+{
+       if (unlikely(skb->nf_bridge->mask & BRNF_PPPoE))
+               return PPPOE_SES_HLEN;
+       return 0;
+}
+
+extern int br_handle_frame_finish(struct sk_buff *skb);
+/* Only used in br_device.c */
+static inline int br_nf_pre_routing_finish_bridge_slow(struct sk_buff *skb)
+{
+       struct nf_bridge_info *nf_bridge = skb->nf_bridge;
+
+       skb_pull(skb, ETH_HLEN);
+       nf_bridge->mask ^= BRNF_BRIDGED_DNAT;
+       skb_copy_to_linear_data_offset(skb, -(ETH_HLEN-ETH_ALEN),
+                                      skb->nf_bridge->data, ETH_HLEN-ETH_ALEN);
+       skb->dev = nf_bridge->physindev;
+       return br_handle_frame_finish(skb);
+}
+
 /* This is called by the IP fragmenting code and it ensures there is
  * enough room for the encapsulating header (if there is one). */
 static inline unsigned int nf_bridge_pad(const struct sk_buff *skb)