netfilter: bridge: allow fragmentation of VLAN packets traversing a bridge

[net-next-2.6.git] / net / bridge / br_netfilter.c

diff --git a/net/bridge/br_netfilter.c b/net/bridge/br_netfilter.c
index 3953ac4214c818e27a2a19d39c3e71bdd531f17a..e4a418fcb35bfe3d163210f0ceeb19a09535e64c 100644 (file)
--- a/net/bridge/br_netfilter.c
+++ b/net/bridge/br_netfilter.c
@@ -788,15 +788,23 @@ static unsigned int br_nf_local_out(unsigned int hook, struct sk_buff *skb,
        return NF_STOLEN;
 }
 
+#if defined(CONFIG_NF_CONNTRACK_IPV4) || defined(CONFIG_NF_CONNTRACK_IPV4_MODULE)
 static int br_nf_dev_queue_xmit(struct sk_buff *skb)
 {
-       if (skb->protocol == htons(ETH_P_IP) &&
+       if (skb->nfct != NULL &&
+           (skb->protocol == htons(ETH_P_IP) || IS_VLAN_IP(skb)) &&
            skb->len > skb->dev->mtu &&
            !skb_is_gso(skb))
                return ip_fragment(skb, br_dev_queue_push_xmit);
        else
                return br_dev_queue_push_xmit(skb);
 }
+#else
+static int br_nf_dev_queue_xmit(struct sk_buff *skb)
+{
+        return br_dev_queue_push_xmit(skb);
+}
+#endif
 
 /* PF_BRIDGE/POST_ROUTING ********************************************/
 static unsigned int br_nf_post_routing(unsigned int hook, struct sk_buff *skb,