[Description]

Fix the conditions for binding VLAN to HNAT.
Whether egress packets carries vlan depends on skb ->vlan_present.

The previous code will fail when encountering the following situation:
PC1->eth1.45-->lan-->PC2.
PC1 send packets with vlan 45,
disable HNAT, PC2 capture packets without vlan.
enable HNAT, PC2 capture packets with vlan.

This patch fix it.

[Release-log]
N/A

Change-Id: Iaa0916680733eda810b37abea2d0bd7201932cfd
Reviewed-on: https://gerrit.mediatek.inc/c/openwrt/feeds/mtk_openwrt_feeds/+/6879837
This commit is contained in:
developer 2022-12-06 14:00:09 +08:00 committed by hanwckf
parent 62499220b4
commit 6dfac66b1d

View File

@ -1265,13 +1265,15 @@ static unsigned int skb_to_hnat_info(struct sk_buff *skb,
entry.ipv4_hnapt.vlan1 = hw_path->vlan_id; entry.ipv4_hnapt.vlan1 = hw_path->vlan_id;
if (skb->vlan_tci && FROM_GE_WAN(skb) && IS_LAN(dev)) { if (skb_vlan_tag_present(skb)) {
entry.bfib1.vlan_layer += 1; entry.bfib1.vlan_layer += 1;
if (entry.ipv4_hnapt.vlan1) if (entry.ipv4_hnapt.vlan1)
entry.ipv4_hnapt.vlan2 = (skb->vlan_tci & VLAN_VID_MASK); entry.ipv4_hnapt.vlan2 =
skb->vlan_tci;
else else
entry.ipv4_hnapt.vlan1 = (skb->vlan_tci & VLAN_VID_MASK); entry.ipv4_hnapt.vlan1 =
skb->vlan_tci;
} }
entry.ipv4_hnapt.sip = foe->ipv4_hnapt.sip; entry.ipv4_hnapt.sip = foe->ipv4_hnapt.sip;
@ -1317,13 +1319,15 @@ static unsigned int skb_to_hnat_info(struct sk_buff *skb,
entry.ipv6_5t_route.vlan1 = hw_path->vlan_id; entry.ipv6_5t_route.vlan1 = hw_path->vlan_id;
if (skb->vlan_tci && FROM_GE_WAN(skb) && IS_LAN(dev)) { if (skb_vlan_tag_present(skb)) {
entry.bfib1.vlan_layer += 1; entry.bfib1.vlan_layer += 1;
if (entry.ipv6_5t_route.vlan1) if (entry.ipv6_5t_route.vlan1)
entry.ipv6_5t_route.vlan2 = (skb->vlan_tci & VLAN_VID_MASK); entry.ipv6_5t_route.vlan2 =
skb->vlan_tci;
else else
entry.ipv6_5t_route.vlan1 = (skb->vlan_tci & VLAN_VID_MASK); entry.ipv6_5t_route.vlan1 =
skb->vlan_tci;
} }
if (hnat_priv->data->per_flow_accounting) if (hnat_priv->data->per_flow_accounting)