D51760.id159859.diff
No OneTemporary
Actions

Size

4 KB

Referenced Files

None

Subscribers

None

D51760.id159859.diff
View Options

	diff --git a/sys/net/if_bridge.c b/sys/net/if_bridge.c
	--- a/sys/net/if_bridge.c
	+++ b/sys/net/if_bridge.c
	@@ -1500,8 +1500,7 @@
	bif->bif_flags = IFBIF_LEARNING \| IFBIF_DISCOVER;
	bif->bif_savedcaps = ifs->if_capenable;
	bif->bif_vlanproto = ETHERTYPE_VLAN;
	- if (sc->sc_flags & IFBRF_VLANFILTER)
	- bif->bif_pvid = sc->sc_defpvid;
	+ bif->bif_pvid = sc->sc_defpvid;
	if (sc->sc_flags & IFBRF_DEFQINQ)
	bif->bif_flags \|= IFBIF_QINQ;

	@@ -1970,9 +1969,6 @@
	struct ifbreq *req = arg;
	struct bridge_iflist *bif;

	- if ((sc->sc_flags & IFBRF_VLANFILTER) == 0)
	- return (EXTERROR(EINVAL, "VLAN filtering not enabled"));
	-
	bif = bridge_lookup_member(sc, req->ifbr_ifsname);
	if (bif == NULL)
	return (EXTERROR(ENOENT, "Interface is not a bridge member"));
	@@ -2410,12 +2406,10 @@
	mflags = m->m_flags;

	/*
	- * If VLAN filtering is enabled, and the native VLAN ID of the
	- * outgoing interface matches the VLAN ID of the frame, remove
	- * the VLAN header.
	+ * If the native VLAN ID of the outgoing interface matches the
	+ * VLAN ID of the frame, remove the VLAN tag.
	*/
	- if ((sc->sc_flags & IFBRF_VLANFILTER) &&
	- bif->bif_pvid != DOT1Q_VID_NULL &&
	+ if (bif->bif_pvid != DOT1Q_VID_NULL &&
	VLANTAGOF(m) == bif->bif_pvid) {
	m->m_flags &= ~M_VLANTAG;
	m->m_pkthdr.ether_vtag = 0;
	@@ -3290,9 +3284,19 @@
	if (vlan > DOT1Q_VID_MAX)
	return (false);

	- /* If VLAN filtering isn't enabled, pass everything. */
	- if ((sbif->bif_sc->sc_flags & IFBRF_VLANFILTER) == 0)
	+ /*
	+ * If VLAN filtering isn't enabled, pass everything, but add a tag
	+ * if the port has a pvid configured.
	+ */
	+ if ((sbif->bif_sc->sc_flags & IFBRF_VLANFILTER) == 0) {
	+ if (vlan == DOT1Q_VID_NULL &&
	+ sbif->bif_pvid != DOT1Q_VID_NULL) {
	+ m->m_pkthdr.ether_vtag = sbif->bif_pvid;
	+ m->m_flags \|= M_VLANTAG;
	+ }
	+
	return (true);
	+ }

	/* If Q-in-Q is disabled, check for stacked tags. */
	if ((sbif->bif_flags & IFBIF_QINQ) == 0) {
	diff --git a/tests/sys/net/if_bridge_test.sh b/tests/sys/net/if_bridge_test.sh
	--- a/tests/sys/net/if_bridge_test.sh
	+++ b/tests/sys/net/if_bridge_test.sh
	@@ -899,7 +899,7 @@
	atf_test_case "vlan_pvid" "cleanup"
	vlan_pvid_head()
	{
	- atf_set descr 'bridge with two ports with pvid set'
	+ atf_set descr 'bridge with two ports with pvid and vlanfilter set'
	atf_set require.user root
	}

	@@ -1327,6 +1327,56 @@
	vnet_cleanup
	}

	+atf_test_case "vlan_untagged" "cleanup"
	+vlan_untagged_head()
	+{
	+ atf_set descr 'bridge with two ports with untagged set'
	+ atf_set require.user root
	+}
	+
	+vlan_untagged_body()
	+{
	+ vnet_init
	+ vnet_init_bridge
	+
	+ epone=$(vnet_mkepair)
	+ eptwo=$(vnet_mkepair)
	+
	+ vnet_mkjail one ${epone}b
	+ vnet_mkjail two ${eptwo}b
	+
	+ jexec one ifconfig ${epone}b 192.0.2.1/24 up
	+ jexec two ifconfig ${eptwo}b 192.0.2.2/24 up
	+
	+ bridge=$(vnet_mkbridge)
	+
	+ ifconfig ${bridge} up
	+ ifconfig ${epone}a up
	+ ifconfig ${eptwo}a up
	+ ifconfig ${bridge} addm ${epone}a untagged 20
	+ ifconfig ${bridge} addm ${eptwo}a untagged 30
	+
	+ # With two ports on different VLANs, traffic should not be passed.
	+ atf_check -s exit:2 -o ignore jexec one ping -c 3 -t 1 192.0.2.2
	+ atf_check -s exit:2 -o ignore jexec two ping -c 3 -t 1 192.0.2.1
	+
	+ # Move the second port to VLAN 20; now traffic should be passed.
	+ atf_check -s exit:0 ifconfig ${bridge} ifuntagged ${eptwo}a 20
	+ atf_check -s exit:0 -o ignore jexec one ping -c 3 -t 1 192.0.2.2
	+ atf_check -s exit:0 -o ignore jexec two ping -c 3 -t 1 192.0.2.1
	+
	+ # Remove the first's port untagged config, now traffic should
	+ # not pass again.
	+ atf_check -s exit:0 ifconfig ${bridge} -ifuntagged ${epone}a
	+ atf_check -s exit:2 -o ignore jexec one ping -c 3 -t 1 192.0.2.2
	+ atf_check -s exit:2 -o ignore jexec two ping -c 3 -t 1 192.0.2.1
	+}
	+
	+vlan_untagged_cleanup()
	+{
	+ vnet_cleanup
	+}
	+
	atf_test_case "vlan_defuntagged" "cleanup"
	vlan_defuntagged_head()
	{
	@@ -1340,7 +1390,6 @@
	vnet_init_bridge

	bridge=$(vnet_mkbridge)
	- atf_check -s exit:0 ifconfig ${bridge} vlanfilter

	# Invalid VLAN IDs
	atf_check -s exit:1 -ematch:"invalid vlan id: 0" \
	@@ -1407,6 +1456,7 @@
	atf_add_test_case "vlan_ifconfig_iftagged"
	atf_add_test_case "vlan_svi"
	atf_add_test_case "vlan_qinq"
	+ atf_add_test_case "vlan_untagged"
	atf_add_test_case "vlan_defuntagged"
	atf_add_test_case "bridge_svi_in_bridge"
	}

File Metadata

Mime Type: text/plain
Expires: Tue, Apr 21, 3:38 PM (4 h, 12 m)
Storage Engine: blob
Storage Format: Raw Data
Storage Handle: 31918478
Default Alt Text: D51760.id159859.diff (4 KB)

D51760.id159859.diffNo OneTemporaryActions

D51760.id159859.diffView Options

File Metadata

Event Timeline

D51760.id159859.diff
No OneTemporary
Actions

D51760.id159859.diff
View Options