]> err.no Git - linux-2.6/commitdiff
[NET] Move DF check to ip_forward
authorJohn Heffner <jheffner@psc.edu>
Mon, 26 Mar 2007 06:32:29 +0000 (23:32 -0700)
committerDavid S. Miller <davem@sunset.davemloft.net>
Thu, 26 Apr 2007 05:28:07 +0000 (22:28 -0700)
Do fragmentation check in ip_forward, similar to ipv6 forwarding.

Signed-off-by: John Heffner <jheffner@psc.edu>
Signed-off-by: David S. Miller <davem@davemloft.net>
net/ipv4/ip_forward.c

index 467ebedb99ba70680fa8f217e405ae48d9fe93e1..61b30d10067644538bda2207a4637b019c2ebdbb 100644 (file)
@@ -85,6 +85,14 @@ int ip_forward(struct sk_buff *skb)
        if (opt->is_strictroute && rt->rt_dst != rt->rt_gateway)
                goto sr_failed;
 
+       if (unlikely(skb->len > dst_mtu(&rt->u.dst) &&
+                    (ip_hdr(skb)->frag_off & htons(IP_DF))) && !skb->local_df) {
+               IP_INC_STATS(IPSTATS_MIB_FRAGFAILS);
+               icmp_send(skb, ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED,
+                         htonl(dst_mtu(&rt->u.dst)));
+               goto drop;
+       }
+
        /* We are about to mangle packet. Copy it! */
        if (skb_cow(skb, LL_RESERVED_SPACE(rt->u.dst.dev)+rt->u.dst.header_len))
                goto drop;