blob: fadb645636b1fb4a04ef2648ea712fec0a0d1e6f (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
|
From: Felix Fietkau <nbd@openwrt.org>
Subject: [PATCH] bridge: no EAP forward
When bridging, do not forward EAP frames to other ports, only deliver
them locally.
Fixes WPA authentication issues with multiples APs that are connected to
each other via bridges.
---
--- a/net/bridge/br_input.c
+++ b/net/bridge/br_input.c
@@ -153,7 +153,11 @@ int br_handle_frame_finish(struct sk_buf
dst = NULL;
- if (is_broadcast_ether_addr(dest)) {
+ if (skb->protocol == htons(ETH_P_PAE)) {
+ skb2 = skb;
+ /* Do not forward 802.1x/EAP frames */
+ skb = NULL;
+ } else if (is_broadcast_ether_addr(dest)) {
if (IS_ENABLED(CONFIG_INET) &&
p->flags & BR_PROXYARP &&
skb->protocol == htons(ETH_P_ARP))
|
