Displaying 2 results from an estimated 2 matches for "c0d9c08088c4".
2023 Jun 19
1
[Bridge] [PATCH net-next v2 3/3] net: bridge: Add a configurable default FDB learning limit
...avm.de>
---
Changes since v1:
- Added a default limit in Kconfig. (deemed acceptable in review
comments)
net/bridge/Kconfig | 13 +++++++++++++
net/bridge/br_device.c | 2 ++
2 files changed, 15 insertions(+)
diff --git a/net/bridge/Kconfig b/net/bridge/Kconfig
index 3c8ded7d3e84..c0d9c08088c4 100644
--- a/net/bridge/Kconfig
+++ b/net/bridge/Kconfig
@@ -84,3 +84,16 @@ config BRIDGE_CFM
Say N to exclude this support and reduce the binary size.
If unsure, say N.
+
+config BRIDGE_DEFAULT_FDB_MAX_LEARNED
+ int "Default FDB learning limit"
+ default 0
+ depends on BRIDGE
+...
2023 Jun 19
4
[Bridge] [PATCH net-next v2 0/3, iproute2-next 0/1] bridge: Add a limit on learned FDB entries
Introduce a limit on the amount of learned FDB entries on a bridge,
configured by netlink with a build time default on bridge creation in
the kernel config.
For backwards compatibility the kernel config default is disabling the
limit (0).
Without any limit a malicious actor may OOM a kernel by spamming packets
with changing MAC addresses on their bridge port, so allow the bridge
creator to limit