ip_fragment: don't forward defragmented DF packet

 * @len: total length of the original datagram

 * @meat: length of received fragments so far

 * @flags: fragment queue flags

 * @max_size: (ipv4 only) maximum received fragment size with IP_DF set

 * @max_size: maximum received fragment size

 * @net: namespace that this frag belongs to

 */

struct inet_frag_queue {

#define IPSKB_FRAG_COMPLETE	BIT(3)

#define IPSKB_REROUTED		BIT(4)

#define IPSKB_DOREDIRECT	BIT(5)

#define IPSKB_FRAG_PMTU		BIT(6)

	u16			frag_max_size;

};

	__be16		id;

	u8		protocol;

	u8		ecn; /* RFC3168 support */

	u16		max_df_size; /* largest frag with DF set seen */

	int             iif;

	unsigned int    rid;

	struct inet_peer *peer;

{

	struct sk_buff *prev, *next;

	struct net_device *dev;

	unsigned int fragsize;

	int flags, offset;

	int ihl, end;

	int err = -ENOENT;

	if (offset == 0)

		qp->q.flags |= INET_FRAG_FIRST_IN;

	fragsize = skb->len + ihl;

	if (fragsize > qp->q.max_size)

		qp->q.max_size = fragsize;

	if (ip_hdr(skb)->frag_off & htons(IP_DF) &&

	    skb->len + ihl > qp->q.max_size)

		qp->q.max_size = skb->len + ihl;

	    fragsize > qp->max_df_size)

		qp->max_df_size = fragsize;

	if (qp->q.flags == (INET_FRAG_FIRST_IN | INET_FRAG_LAST_IN) &&

	    qp->q.meat == qp->q.len) {

	head->next = NULL;

	head->dev = dev;

	head->tstamp = qp->q.stamp;

	IPCB(head)->frag_max_size = qp->q.max_size;

	IPCB(head)->frag_max_size = max(qp->max_df_size, qp->q.max_size);

	iph = ip_hdr(head);

	/* max_size != 0 implies at least one fragment had IP_DF set */

	iph->frag_off = qp->q.max_size ? htons(IP_DF) : 0;

	iph->tot_len = htons(len);

	iph->tos |= ecn;

	/* When we set IP_DF on a refragmented skb we must also force a

	 * call to ip_fragment to avoid forwarding a DF-skb of size s while

	 * original sender only sent fragments of size f (where f < s).

	 *

	 * We only set DF/IPSKB_FRAG_PMTU if such DF fragment was the largest

	 * frag seen to avoid sending tiny DF-fragments in case skb was built

	 * from one very small df-fragment and one large non-df frag.

	 */

	if (qp->max_df_size == qp->q.max_size) {

		IPCB(head)->flags |= IPSKB_FRAG_PMTU;

		iph->frag_off = htons(IP_DF);

	} else {

		iph->frag_off = 0;

	}

	IP_INC_STATS_BH(net, IPSTATS_MIB_REASMOKS);

	qp->q.fragments = NULL;

	qp->q.fragments_tail = NULL;

	if (skb_is_gso(skb))

		return ip_finish_output_gso(sk, skb, mtu);

	if (skb->len > mtu)

	if (skb->len > mtu || (IPCB(skb)->flags & IPSKB_FRAG_PMTU))

		return ip_fragment(sk, skb, mtu, ip_finish_output2);

	return ip_finish_output2(sk, skb);

{

	struct iphdr *iph = ip_hdr(skb);

	if (unlikely(((iph->frag_off & htons(IP_DF)) && !skb->ignore_df) ||

	if ((iph->frag_off & htons(IP_DF)) == 0)

		return ip_do_fragment(sk, skb, output);

	if (unlikely(!skb->ignore_df ||

		     (IPCB(skb)->frag_max_size &&

		      IPCB(skb)->frag_max_size > mtu))) {

		struct rtable *rt = skb_rtable(skb);

	iph = ip_hdr(skb);

	mtu = ip_skb_dst_mtu(skb);

	if (IPCB(skb)->frag_max_size && IPCB(skb)->frag_max_size < mtu)

		mtu = IPCB(skb)->frag_max_size;

	/*

	 *	Setup starting values.

		iph = ip_hdr(skb2);

		iph->frag_off = htons((offset >> 3));

		if (IPCB(skb)->flags & IPSKB_FRAG_PMTU)

			iph->frag_off |= htons(IP_DF);

		/* ANK: dirty, but effective trick. Upgrade options only if

		 * the segment to be fragmented was THE FIRST (otherwise,

		 * options are already fixed) and make it ONCE