Re: [PATCH RFC] net: bridge: drop packets with a local source

From: Andrew Lunn
Date: Wed Sep 11 2024 - 12:33:47 EST

Next message: Bjorn Helgaas: "Re: [PATCH v8 11/11] PCI: imx6: Add i.MX8Q PCIe root complex (RC) support"
Previous message: Edgecombe, Rick P: "Re: [PATCH 05/21] KVM: VMX: Teach EPT violation helper about private mem"
In reply to: Thomas Martitz: "[PATCH RFC] net: bridge: drop packets with a local source"
Next in thread: tmartitz-oss: "Re: [PATCH RFC] net: bridge: drop packets with a local source"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Sep 11, 2024 at 02:58:17PM +0200, Thomas Martitz wrote:
> Currently, there is only a warning if a packet enters the bridge
> that has the bridge's or one port's MAC address as source.
>
> Clearly this indicates a network loop (or even spoofing) so we
> generally do not want to process the packet. Therefore, move the check
> already done for 802.1x scenarios up and do it unconditionally.

Does 802.1d say anything about this?

Quoting the standard gives you a strong case for getting the patch
merged.

Andrew

Next message: Bjorn Helgaas: "Re: [PATCH v8 11/11] PCI: imx6: Add i.MX8Q PCIe root complex (RC) support"
Previous message: Edgecombe, Rick P: "Re: [PATCH 05/21] KVM: VMX: Teach EPT violation helper about private mem"
In reply to: Thomas Martitz: "[PATCH RFC] net: bridge: drop packets with a local source"
Next in thread: tmartitz-oss: "Re: [PATCH RFC] net: bridge: drop packets with a local source"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]