OpenWrt – Blame information for rev 2
?pathlinks?
Rev | Author | Line No. | Line |
---|---|---|---|
1 | office | 1 | From: Felix Fietkau <nbd@nbd.name> |
2 | Subject: [PATCH] bridge: port isolate |
||
3 | |||
4 | Isolating individual bridge ports |
||
5 | --- |
||
6 | --- a/net/bridge/br_private.h |
||
7 | +++ b/net/bridge/br_private.h |
||
8 | @@ -172,6 +172,7 @@ struct net_bridge_port |
||
9 | #define BR_FLOOD 0x00000040 |
||
10 | #define BR_AUTO_MASK (BR_FLOOD | BR_LEARNING) |
||
11 | #define BR_PROMISC 0x00000080 |
||
12 | +#define BR_ISOLATE_MODE 0x00000100 |
||
13 | |||
14 | #ifdef CONFIG_BRIDGE_IGMP_SNOOPING |
||
15 | struct bridge_mcast_own_query ip4_own_query; |
||
16 | --- a/net/bridge/br_sysfs_if.c |
||
17 | +++ b/net/bridge/br_sysfs_if.c |
||
18 | @@ -170,6 +170,7 @@ BRPORT_ATTR_FLAG(bpdu_guard, BR_BPDU_GUA |
||
19 | BRPORT_ATTR_FLAG(root_block, BR_ROOT_BLOCK); |
||
20 | BRPORT_ATTR_FLAG(learning, BR_LEARNING); |
||
21 | BRPORT_ATTR_FLAG(unicast_flood, BR_FLOOD); |
||
22 | +BRPORT_ATTR_FLAG(isolated, BR_ISOLATE_MODE); |
||
23 | |||
24 | #ifdef CONFIG_BRIDGE_IGMP_SNOOPING |
||
25 | static ssize_t show_multicast_router(struct net_bridge_port *p, char *buf) |
||
26 | @@ -213,6 +214,7 @@ static const struct brport_attribute *br |
||
27 | &brport_attr_multicast_router, |
||
28 | &brport_attr_multicast_fast_leave, |
||
29 | #endif |
||
30 | + &brport_attr_isolated, |
||
31 | NULL |
||
32 | }; |
||
33 | |||
34 | --- a/net/bridge/br_input.c |
||
35 | +++ b/net/bridge/br_input.c |
||
36 | @@ -120,8 +120,8 @@ int br_handle_frame_finish(struct sk_buf |
||
37 | |||
38 | unicast = false; |
||
39 | br->dev->stats.multicast++; |
||
40 | - } else if ((dst = __br_fdb_get(br, dest, vid)) && |
||
41 | - dst->is_local) { |
||
42 | + } else if ((p->flags & BR_ISOLATE_MODE) || |
||
43 | + ((dst = __br_fdb_get(br, dest, vid)) && dst->is_local)) { |
||
44 | skb2 = skb; |
||
45 | /* Do not forward the packet since it's local. */ |
||
46 | skb = NULL; |
||
47 | --- a/net/bridge/br_forward.c |
||
48 | +++ b/net/bridge/br_forward.c |
||
49 | @@ -117,7 +117,7 @@ EXPORT_SYMBOL_GPL(br_deliver); |
||
50 | /* called with rcu_read_lock */ |
||
51 | void br_forward(const struct net_bridge_port *to, struct sk_buff *skb, struct sk_buff *skb0) |
||
52 | { |
||
53 | - if (should_deliver(to, skb)) { |
||
54 | + if (should_deliver(to, skb) && !(to->flags & BR_ISOLATE_MODE)) { |
||
55 | if (skb0) |
||
56 | deliver_clone(to, skb, __br_forward); |
||
57 | else |
||
58 | @@ -173,7 +173,7 @@ static void br_flood(struct net_bridge * |
||
59 | struct sk_buff *skb0, |
||
60 | void (*__packet_hook)(const struct net_bridge_port *p, |
||
61 | struct sk_buff *skb), |
||
62 | - bool unicast) |
||
63 | + bool unicast, bool forward) |
||
64 | { |
||
65 | struct net_bridge_port *p; |
||
66 | struct net_bridge_port *prev; |
||
67 | @@ -181,6 +181,8 @@ static void br_flood(struct net_bridge * |
||
68 | prev = NULL; |
||
69 | |||
70 | list_for_each_entry_rcu(p, &br->port_list, list) { |
||
71 | + if (forward && (p->flags & BR_ISOLATE_MODE)) |
||
72 | + continue; |
||
73 | /* Do not flood unicast traffic to ports that turn it off */ |
||
74 | if (unicast && !(p->flags & BR_FLOOD)) |
||
75 | continue; |
||
76 | @@ -207,14 +209,14 @@ out: |
||
77 | /* called with rcu_read_lock */ |
||
78 | void br_flood_deliver(struct net_bridge *br, struct sk_buff *skb, bool unicast) |
||
79 | { |
||
80 | - br_flood(br, skb, NULL, __br_deliver, unicast); |
||
81 | + br_flood(br, skb, NULL, __br_deliver, unicast, false); |
||
82 | } |
||
83 | |||
84 | /* called under bridge lock */ |
||
85 | void br_flood_forward(struct net_bridge *br, struct sk_buff *skb, |
||
86 | struct sk_buff *skb2, bool unicast) |
||
87 | { |
||
88 | - br_flood(br, skb, skb2, __br_forward, unicast); |
||
89 | + br_flood(br, skb, skb2, __br_forward, unicast, true); |
||
90 | } |
||
91 | |||
92 | #ifdef CONFIG_BRIDGE_IGMP_SNOOPING |