From: Herbert Xu <herbert@gondor.apana.org.au> Date: Tue, 1 Jul 2003 08:43:32 +1000 I posted this patch in an earlier thread but it seems to have been lost. Currently the SA selector check is always done with the details of the inner packet. This will break scenarios like nested tunnels as the outer tunnel's selector may be more restrictive. Ugh, can you implement this more cleanly possibly? All of this struct flow copying/clearing/etc. on EVERY PACKET is totally unacceptable. Struct flow is huge and it's bad enough that we have to build one of them each input event. - : send the line "unsubscribe linux-net" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
