Linux 3.10 kernel bridge??????
?????lvyilong316 ???????[ 2016/9/14 11:37:13 ] ????????Linux ??????
????????NF_BR_LOCAL_IN hook??????br_handle_local_finish??????
????static int br_handle_local_finish(struct sk_buff *skb)
????{
????struct net_bridge_port *p = br_port_get_rcu(skb->dev);
????u16 vid = 0;
????/*???skb??vlan id(3.10??bridge???vlan)*/
????br_vlan_get_tag(skb?? &vid);
????/*????bridge??mac??????vlan id??????????????vlan???????????mac??*/
????br_fdb_update(p->br?? p?? eth_hdr(skb)->h_source?? vid);
????return 0; /* process further */
????}
????????NF_BR_PRE_ROUTING hook??????br_handle_frame_finish??????
????br_handle_frame_finish
int br_handle_frame_finish(struct sk_buff *skb)
{
const unsigned char *dest = eth_hdr(skb)->h_dest;
struct net_bridge_port *p = br_port_get_rcu(skb->dev);
struct net_bridge *br;
struct net_bridge_fdb_entry *dst;
struct net_bridge_mdb_entry *mdst;
struct sk_buff *skb2;
u16 vid = 0;
if (!p || p->state == BR_STATE_DISABLED)
goto drop;
/*????ж??????vlan??????飬????????????????vlan???*/
if (!br_allowed_ingress(p->br?? nbp_get_vlan_info(p)?? skb?? &vid))
goto out;
/* insert into forwarding database after filtering to avoid spoofing */
br = p->br;
/*????????????*/
br_fdb_update(br?? p?? eth_hdr(skb)->h_source?? vid);
/*??mac?????*/
if (!is_broadcast_ether_addr(dest) && is_multicast_ether_addr(dest) &&
br_multicast_rcv(br?? p?? skb))
goto drop;
if (p->state == BR_STATE_LEARNING)
goto drop;
BR_INPUT_SKB_CB(skb)->brdev = br->dev;
/* The packet skb2 goes to the local host (NULL to skip). */
skb2 = NULL;
/*???????????????????*/
if (br->dev->flags & IFF_PROMISC)
skb2 = skb;
dst = NULL;
/*???skb?????mac???*/
if (is_broadcast_ether_addr(dest))
skb2 = skb;
else if (is_multicast_ether_addr(dest)) { /*??*/
mdst = br_mdb_get(br?? skb?? vid);
if (mdst || BR_INPUT_SKB_CB_MROUTERS_ONLY(skb)) {
if ((mdst && mdst->mglist) ||
br_multicast_is_router(br))
skb2 = skb;
br_multicast_forward(mdst?? skb?? skb2);
skb = NULL;
if (!skb2)
goto out;
} else
skb2 = skb;
br->dev->stats.multicast++;
} else if ((dst = __br_fdb_get(br?? dest?? vid)) && dst->is_local) {/*??????????mac??????????Э???*/
skb2 = skb;
/* Do not forward the packet since it's local. */
skb = NULL;
}
if (skb) {
if (dst) {
dst->used = jiffies;
br_forward(dst->dst?? skb?? skb2); //??????????
} else
br_flood_forward(br?? skb?? skb2); //?????????????
}
if (skb2)
return br_pass_frame_up(skb2); //????????Э???
out:
return 0;
drop:
kfree_skb(skb);
goto out;
}
???????????????????Э????????br_pass_frame_up??
????br_pass_frame_up
static int br_pass_frame_up(struct sk_buff *skb)
{
struct net_device *indev?? *brdev = BR_INPUT_SKB_CB(skb)->brdev;
struct net_bridge *br = netdev_priv(brdev);
//??????????(??)
/* Bridge is just like any other port. Make sure the
* packet is allowed except in promisc modue when someone
* may be running packet capture.
*/
if (!(brdev->flags & IFF_PROMISC) && !br_allowed_egress(br?? br_get_vlan_info(br)?? skb)) {
kfree_skb(skb); //??????????????vlan??????????????
return NET_RX_DROP;
}
//vlan???????
skb = br_handle_vlan(br?? br_get_vlan_info(br)?? skb);
if (!skb)
return NET_RX_DROP;
indev = skb->dev;
skb->dev = brdev; //????????????skb->dev?bridge
//????NF_BR_LOCAL_IN??ν???Э???
return NF_HOOK(NFPROTO_BRIDGE?? NF_BR_LOCAL_IN?? skb?? indev?? NULL??
netif_receive_skb);
}
??????ν???netif_receive_skb??????skb-dev?????ó???bridge????bridge?豸??rx_handler????????б????????????????ν???bridge??????????????????????Э?????
???????濴???????????????????br_forward?????У???br_forward???????__br_forward??????
????__br_forward
static void __br_forward(const struct net_bridge_port *to?? struct sk_buff *skb)
{
struct net_device *indev;
//vlan????
skb = br_handle_vlan(to->br?? nbp_get_vlan_info(to)?? skb);
if (!skb)
return;
indev = skb->dev;
skb->dev = to->dev; //skb->dev??????????豸dev
skb_forward_csum(skb);
//????NF_BR_FORWARD hook??????br_forward_finish
NF_HOOK(NFPROTO_BRIDGE?? NF_BR_FORWARD?? skb?? indev?? skb->dev??
br_forward_finish);
}
????br_forward_finish
int br_dev_queue_push_xmit(struct sk_buff *skb)
{
/* ip_fragment doesn't copy the MAC header */
if (nf_bridge_maybe_copy_header(skb) || (packet_length(skb) > skb->dev->mtu && !skb_is_gso(skb))) {
kfree_skb(skb);
} else {
skb_push(skb?? ETH_HLEN);
br_drop_fake_rtable(skb);
dev_queue_xmit(skb); //???????·??
}
return 0;
}
????Skb????dev_queue_xmit?????????豸???????????????????bridge?????????????3.10kernel??bridge????????????????
?????????2.6kernel?????bridge??OUTPUT hook????bridge dev?????????У???????????г???
??????
???·???
App??С????H5?????????????????Щ??
2024/9/11 15:34:34?????????????????????????
2024/9/10 11:13:49P-One ???????????????????????????????????????
2024/9/10 10:14:12???????????????????????????
2024/9/9 18:04:26??????????????????
2023/3/23 14:23:39???д?ò??????????
2023/3/22 16:17:39????????????????????Щ??
2022/6/14 16:14:27??????????????????????????
2021/10/18 15:37:44
sales@spasvo.com