diff options
| -rw-r--r-- | RELNOTES | 7 | ||||
| -rw-r--r-- | common/lpf.c | 6 |
2 files changed, 10 insertions, 3 deletions
@@ -54,6 +54,13 @@ by Eric Young (eay@cryptsoft.com). Changes since 4.3.3 +- The linux packet fitler code now correctly treats only least significant + 12 bits an inbound packet's TCI value as the VLAN id (per IEEE 802.1Q). + Prior to this it was using the entire 16 bit value as the VLAN id and + incorrectly discarding packets. Thanks to Jiri Popelka at Red Hat for + reporting this issue and supplying its patch. + [ISC-Bugs #40591] + - Corrected a static analyzer warning in common/execute.c [ISC-Bugs #40374] diff --git a/common/lpf.c b/common/lpf.c index 7889b6bb..ee3820b6 100644 --- a/common/lpf.c +++ b/common/lpf.c @@ -422,10 +422,10 @@ ssize_t receive_packet (interface, buf, len, from, hfrom) if (cmsg->cmsg_level == SOL_PACKET && cmsg->cmsg_type == PACKET_AUXDATA) { struct tpacket_auxdata *aux = (void *)CMSG_DATA(cmsg); - /* Discard packets with stripped vlan id */ - #ifdef VLAN_TCI_PRESENT - if (aux->tp_vlan_tci != 0) + /* Discard packets with stripped vlan id */ + /* VLAN ID is only bottom 12-bits of TCI */ + if (aux->tp_vlan_tci & 0x0fff) return 0; #endif |