openwrtv3/target/linux/generic/patches-4.0/640-bridge_no_eap_forward.patch
Rafał Miłecki c64214d465 kernel: describe bridge patch "no EAP forward"
It was initially added in r25095 by nbd.

SVN-Revision: 46823
2015-09-08 16:42:50 +00:00

23 lines
709 B
Diff

From: Felix Fietkau <nbd@openwrt.org>
Subject: [PATCH] bridge: no EAP forward
When bridging, do not forward EAP frames to other ports, only deliver
them locally.
Fixes WPA authentication issues with multiples APs that are connected to
each other via bridges.
---
--- a/net/bridge/br_input.c
+++ b/net/bridge/br_input.c
@@ -153,7 +153,11 @@ int br_handle_frame_finish(struct sk_buf
dst = NULL;
- if (is_broadcast_ether_addr(dest)) {
+ if (skb->protocol == htons(ETH_P_PAE)) {
+ skb2 = skb;
+ /* Do not forward 802.1x/EAP frames */
+ skb = NULL;
+ } else if (is_broadcast_ether_addr(dest)) {
if (IS_ENABLED(CONFIG_INET) &&
p->flags & BR_PROXYARP &&
skb->protocol == htons(ETH_P_ARP))