From: Antonio Quartulli antonio@meshcoding.com Date: Thu, 19 Dec 2013 01:15:27 +0100
If an interface enslaved into batman-adv is a bridge (or a virtual interface built on top of a bridge) the nf_bridge member of the skbs reaching the soft-interface is filled with the state about "netfilter bridge" operations.
Then, if one of such skbs is locally delivered, the nf_bridge member should be cleaned up to avoid that the old state could mess up with other "netfilter bridge" operations when entering a second bridge. This is needed because batman-adv is an encapsulation protocol.
However at the moment skb->nf_bridge is not released at all leading to bogus "netfilter bridge" behaviours. Fix this by releasing skb->nf_bridge before an skb gets delivered to the upper layer in interface_rx().
Signed-off-by: Antonio Quartulli antonio@meshcoding.com Signed-off-by: Marek Lindner mareklindner@neomailbox.ch
See nf_reset() and skb_scrub_packet(). Do not reinvent the wheel.
Thank you.