diff options
Diffstat (limited to 'target/linux/generic/patches-4.9/640-bridge-only-accept-EAP-locally.patch')
| -rw-r--r-- | target/linux/generic/patches-4.9/640-bridge-only-accept-EAP-locally.patch | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/target/linux/generic/patches-4.9/640-bridge-only-accept-EAP-locally.patch b/target/linux/generic/patches-4.9/640-bridge-only-accept-EAP-locally.patch new file mode 100644 index 0000000..3202499 --- /dev/null +++ b/target/linux/generic/patches-4.9/640-bridge-only-accept-EAP-locally.patch @@ -0,0 +1,27 @@ +From: Felix Fietkau <nbd@nbd.name> +Subject: [PATCH] bridge: only accept EAP locally + +When bridging, do not forward EAP frames to other ports, only deliver +them locally, regardless of the state. + +Signed-off-by: Felix Fietkau <nbd@nbd.name> +--- +--- a/net/bridge/br_input.c ++++ b/net/bridge/br_input.c +@@ -163,11 +163,14 @@ int br_handle_frame_finish(struct net *n + } + } + ++ BR_INPUT_SKB_CB(skb)->brdev = br->dev; ++ ++ if (skb->protocol == htons(ETH_P_PAE)) ++ return br_pass_frame_up(skb); ++ + if (p->state == BR_STATE_LEARNING) + goto drop; + +- BR_INPUT_SKB_CB(skb)->brdev = br->dev; +- + if (IS_ENABLED(CONFIG_INET) && skb->protocol == htons(ETH_P_ARP)) + br_do_proxy_arp(skb, br, vid, p); + |