[NETFILTER]: bridge-nf: filter bridged IPv4/IPv6 encapsulated in pppoe traffic

[pandora-kernel.git] / include / linux / netfilter_bridge.h

diff --git a/include/linux/netfilter_bridge.h b/include/linux/netfilter_bridge.h
index 55689f3..1906003 100644 (file)
--- a/include/linux/netfilter_bridge.h
+++ b/include/linux/netfilter_bridge.h
@@ -7,6 +7,7 @@
 #include <linux/netfilter.h>
 #include <linux/if_ether.h>
 #include <linux/if_vlan.h>
+#include <linux/if_pppox.h>
 
 /* Bridge Hooks */
 /* After promisc drops, checksum checks. */
@@ -58,8 +59,14 @@ static inline int nf_bridge_maybe_copy_header(struct sk_buff *skb)
  * enough room for the encapsulating header (if there is one). */
 static inline int nf_bridge_pad(const struct sk_buff *skb)
 {
-       return (skb->nf_bridge && skb->protocol == htons(ETH_P_8021Q))
-               ? VLAN_HLEN : 0;
+       int padding = 0;
+
+       if (skb->nf_bridge && skb->protocol == htons(ETH_P_8021Q))
+               padding = VLAN_HLEN;
+       else if (skb->nf_bridge && skb->protocol == htons(ETH_P_PPP_SES))
+               padding = PPPOE_SES_HLEN;
+
+       return padding;
 }
 
 struct bridge_skb_cb {