Re: [PATCH RFC] net: bridge: drop packets with a local source

From: Andrew Lunn
Date: Wed Sep 11 2024 - 12:33:47 EST


On Wed, Sep 11, 2024 at 02:58:17PM +0200, Thomas Martitz wrote:
> Currently, there is only a warning if a packet enters the bridge
> that has the bridge's or one port's MAC address as source.
>
> Clearly this indicates a network loop (or even spoofing) so we
> generally do not want to process the packet. Therefore, move the check
> already done for 802.1x scenarios up and do it unconditionally.

Does 802.1d say anything about this?

Quoting the standard gives you a strong case for getting the patch
merged.

Andrew