commit 6aafeef03b9d9ecf
("netfilter: push reasm skb through instead of original frag skbs")
changed ipv6 defrag to not use the original skbs anymore.
However, we still clone fragment skbs and retain original ones
just to free them soon after. Since reassembled skb is newly
allocated, we also need to recursively re-invoke the netfilter hooks
so they can work on the reassembled skb.
This removes those clone/free operations and also avoids the
hook reinvocation by morphing the reassembled skb into the last skb
(i.e. the skb that completes the frag queue), just like ipv4 defrag.
include/net/netfilter/ipv6/nf_defrag_ipv6.h | 3
net/ipv6/netfilter/nf_conntrack_reasm.c | 168 +++++++++++-----------------
net/ipv6/netfilter/nf_defrag_ipv6_hooks.c | 20 ---
net/openvswitch/conntrack.c | 25 ----
4 files changed, 78 insertions(+), 138 deletions(-)
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
