nat64: Set Don't Fragment bit in IPv4 packets

IPv6 doesn't support fragmentation, so make sure IPv4 packets are not fragmented in-flight either. Signed-off-by: Toke Høiland-Jørgensen <toke@redhat.com>
2024-05-06 15:54:53 +00:00 · 2021-10-04 17:51:32 +02:00
parent 742924a076
commit ced3d8c4bc
1 changed files with 1 additions and 0 deletions
--- a/nat64-bpf/nat64_kern.c
+++ b/nat64-bpf/nat64_kern.c
@@ -264,6 +264,7 @@ static int nat64_handle_v6(struct __sk_buff *skb, struct hdr_cursor *nh)
 	struct iphdr dst_hdr = {
 		.version = 4,
                .ihl = 5,
+                .frag_off = bpf_htons(1<<14), /* set Don't Fragment bit */
        };

        ip_offset = (nh->pos - data) & 0x1fff;