On 9/6/25 11:14 PM, Florian Westphal wrote:
> Eric Woudstra <ericwouds@xxxxxxxxx> wrote:
>> + __be16 outer_proto, proto = 0;
>> struct nft_pktinfo pkt;
>> + int ret, offset = 0;
>>
>> nft_set_pktinfo(&pkt, skb, state);
>>
>> switch (eth_hdr(skb)->h_proto) {
>> + case htons(ETH_P_PPP_SES): {
>> + struct ppp_hdr {
>> + struct pppoe_hdr hdr;
>> + __be16 proto;
>> + } *ph;
>
> Maybe add nft_set_bridge_pktinfo() and place this
> entire switch/case there?
>
Ok. At the end of nft_do_chain_bridge() I've added (after removing
skb->protocol munging):
if (offset && ret == NF_ACCEPT)
skb_reset_network_header(skb);
To reset the network header, only when it had been changed.
Do you want this helper to return the offset, so it can be used here?
Or do you think it is more clean to always reset the network header like so:
if (ret == NF_ACCEPT)
skb_reset_network_header(skb);
(Same question for nf_ct_bridge_pre())
>> + skb_set_network_header(skb, offset);
>
> I assume thats because the network header still points to
> the ethernet header at this stage?
That is correct.
