Tom Hughes <tom@xxxxxxxxxx> wrote:
> Commit 264640fc2c5f4 ("ipv6: distinguish frag queues by device
> for multicast and link-local packets") modified the ipv6 fragment
> reassembly logic to distinguish frag queues by device for multicast
> and link-local packets but in fact only the main reassembly code
> limits the use of the device to those address types and the netfilter
> reassembly code uses the device for all packets.
>
> This means that if fragments of a packet arrive on different interfaces
> then netfilter will fail to reassemble them and the fragments will be
> expired without going any further through the filters.
>
> Signed-off-by: Tom Hughes <tom@xxxxxxxxxx>
Probably:
Fixes: 648700f76b03 ("inet: frags: use rhashtables for reassembly units")
?
Before this nf ipv6 reasm called ip6_frag_match() which ignored ifindex
for types other than mcast/linklocal.
