ipv6: drop packets with multiple fragmentation headers [ Upstream commit f46078cfcd77fa5165bf849f5e568a7ac5fa569c ] It is not allowed for an ipv6 packet to contain multiple fragmentation headers. So discard packets which were already reassembled by fragmentation logic and send back a parameter problem icmp. The updates for RFC 6980 will come in later, I have to do a bit more research here. Cc: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Signed-off-by: Hannes Frederic Sowa <hannes@stressinduktion.org> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

commit: 055c396300ee15d990777841278ba94d2bc7868a [log] [tgz]
author: Hannes Frederic Sowa <hannes@stressinduktion.org> Fri Aug 16 13:30:07 2013 +0200
committer: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Sat Sep 14 06:02:10 2013 -0700
tree: 7160fdb3700a540dd58fa7c01d1930df13749a02
parent: f4cb837d1bdb6e1592523ce76c3f45188d120b4e [diff]
diff --git a/include/linux/ipv6.h b/include/linux/ipv6.h
index 8260ef7..e6412ee 100644
--- a/include/linux/ipv6.h
+++ b/include/linux/ipv6.h

@@ -260,6 +260,7 @@
 #define IP6SKB_XFRM_TRANSFORMED	1
 #define IP6SKB_FORWARDED	2
 #define IP6SKB_REROUTED		4
+#define IP6SKB_FRAGMENTED      16
 };
 
 #define IP6CB(skb)	((struct inet6_skb_parm*)((skb)->cb))
commit	055c396300ee15d990777841278ba94d2bc7868a	[log] [tgz]
author	Hannes Frederic Sowa <hannes@stressinduktion.org>	Fri Aug 16 13:30:07 2013 +0200
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	Sat Sep 14 06:02:10 2013 -0700
tree	7160fdb3700a540dd58fa7c01d1930df13749a02
parent	f4cb837d1bdb6e1592523ce76c3f45188d120b4e [diff]