From patchwork Wed Sep 4 00:13:38 2013 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Linus_L=C3=BCssing?= X-Patchwork-Id: 272439 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 9505B2C00A7 for ; Wed, 4 Sep 2013 10:14:48 +1000 (EST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1761587Ab3IDAOW (ORCPT ); Tue, 3 Sep 2013 20:14:22 -0400 Received: from mout.web.de ([212.227.17.12]:59475 "EHLO mout.web.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1761432Ab3IDAOU (ORCPT ); Tue, 3 Sep 2013 20:14:20 -0400 Received: from localhost ([141.83.153.180]) by smtp.web.de (mrweb003) with ESMTPSA (Nemesis) id 0LgHKO-1VkneF10FQ-00nei7 for ; Wed, 04 Sep 2013 02:14:18 +0200 From: =?UTF-8?q?Linus=20L=C3=BCssing?= To: netdev@vger.kernel.org Cc: bridge@lists.linux-foundation.org, Stephen Hemminger , "David S. Miller" , linux-kernel@vger.kernel.org, Herbert Xu , Cong Wang , Adam Baker , =?UTF-8?q?Linus=20L=C3=BCssing?= Subject: [PATCH net-next 1/2] bridge: prevent flooding IPv6 packets that do not have a listener Date: Wed, 4 Sep 2013 02:13:38 +0200 Message-Id: <1378253619-23918-2-git-send-email-linus.luessing@web.de> X-Mailer: git-send-email 1.8.4.rc3 In-Reply-To: <1378253619-23918-1-git-send-email-linus.luessing@web.de> References: <1378253619-23918-1-git-send-email-linus.luessing@web.de> MIME-Version: 1.0 X-Provags-ID: V03:K0:6qzvhBdnaW+jqWRVo/ftWVFvAF5D4xvj3zpnsSE8+vXfHatWokp 3gyeaCJW1hh/er4dx9D24JNXhTYXxefZAshanslGc7YM52894GR2/z8523Mi45p0wyN4hGf QYJU1rY3tY5fngYllxVXUOyrJqxKmMACXPVZs25vyTmTHeGHVrbshrZcfA1EJ006dcR3Xow viQZRSeO4vR50/0X1ar+Q== Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org Currently if there is no listener for a certain group then IPv6 packets for that group are flooded on all ports, even though there might be no host and router interested in it on a port. With this commit they are only forwarded to ports with a multicast router. Just like commit bd4265fe36 ("bridge: Only flood unregistered groups to routers") did for IPv4, let's do the same for IPv6 with the same reasoning. Signed-off-by: Linus Lüssing --- net/bridge/br_multicast.c | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/net/bridge/br_multicast.c b/net/bridge/br_multicast.c index bbcb435..662ba7b 100644 --- a/net/bridge/br_multicast.c +++ b/net/bridge/br_multicast.c @@ -1547,8 +1547,14 @@ static int br_multicast_ipv6_rcv(struct net_bridge *br, * - MLD has always Router Alert hop-by-hop option * - But we do not support jumbrograms. */ - if (ip6h->version != 6 || - ip6h->nexthdr != IPPROTO_HOPOPTS || + if (ip6h->version != 6) + return 0; + + /* Prevent flooding this packet if there is no listener present */ + if (ipv6_is_transient_multicast(&ip6h->daddr)) + BR_INPUT_SKB_CB(skb)->mrouters_only = 1; + + if (ip6h->nexthdr != IPPROTO_HOPOPTS || ip6h->payload_len == 0) return 0;