netfilter: ebtables: Fixes dropping of small packets in bridge nat

Fixes an error causing small packets to get dropped. skb_ensure_writable expects the second parameter to be a length in the ethernet payload.=20 If we want to write the ethernet header (src, dst), we should pass 0. Otherwise, packets with small payloads (< ETH_ALEN) will get dropped. Fixes: c1a831167901 ("netfilter: bridge: convert skb_make_writable to skb_ensure_writable") Signed-off-by: Timothée COCAULT <timothee.cocault@orange.com> Reviewed-by: Florian Westphal <fw@strlen.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Timothée COCAULT <timothee.cocault@orange.com> 2020-10-14 12:36:15 +0000
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2020-10-20 13:54:53 +0200
commit: 63137bc5882a1882c553d389fdeeeace86ee1741 (patch)
tree: c75c8eb65692b77fe046275e9238370deccbbc51 /net/bridge/netfilter/ebt_dnat.c
parent: 68f9f9c2c3b6a7259f6a92bc26cdc7bd22e7a982 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/net/bridge/netfilter/ebt_dnat.c b/net/bridge/netfilter/ebt_dnat.c
index 12a4f4d93681..3fda71a8579d 100644
--- a/net/bridge/netfilter/ebt_dnat.c
+++ b/net/bridge/netfilter/ebt_dnat.c
@@ -21,7 +21,7 @@ ebt_dnat_tg(struct sk_buff *skb, const struct xt_action_param *par)
 {
 	const struct ebt_nat_info *info = par->targinfo;
 
-	if (skb_ensure_writable(skb, ETH_ALEN))
+	if (skb_ensure_writable(skb, 0))
 		return EBT_DROP;
 
 	ether_addr_copy(eth_hdr(skb)->h_dest, info->mac);
author	Timothée COCAULT <timothee.cocault@orange.com>	2020-10-14 12:36:15 +0000
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2020-10-20 13:54:53 +0200
commit	63137bc5882a1882c553d389fdeeeace86ee1741 (patch)
tree	c75c8eb65692b77fe046275e9238370deccbbc51 /net/bridge/netfilter/ebt_dnat.c
parent	68f9f9c2c3b6a7259f6a92bc26cdc7bd22e7a982 (diff)