[Bug 1744] Packet corruption occurs when using the nftables vlan pcp set command
bugzilla-daemon at netfilter.org
bugzilla-daemon at netfilter.org
Fri May 10 11:32:40 CEST 2024
https://bugzilla.netfilter.org/show_bug.cgi?id=1744
--- Comment #6 from Pablo Neira Ayuso <pablo at netfilter.org> ---
Hi,
(In reply to Yungan Wang from comment #5)
> (In reply to Pablo Neira Ayuso from comment #3)
> > Hi,
> >
> > nft_payload mangling is lacking special handling for vlan. Linux stores
> > decapsulated vlan information in skbuff metadata fields. The matching side
> > of nft_payload already deals, but nft_payload_set_eval() is lacking this.
> >
> > I can take a look and prepare a bugfix.
>
> Hi Pablo,
>
> Yes, that's exactly the issue I wanted to report. Thanks for addressing it.
I have posted a series:
https://patchwork.ozlabs.org/project/netfilter-devel/list/?series=406238
First patch is requires to make QinQ work, and second patch support for
mangling existing vlan tags (it also works with QinQ).
I am also extending existing tests infrastructure to improve coverage for this.
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20240510/55a3af61/attachment.html>
More information about the netfilter-buglog
mailing list