Jan Engelhardt wrote: > On Wednesday 2010-02-24 18:40, Patrick McHardy wrote: >>> Jan Engelhardt (6): >>> netfilter: xtables: replace XT_ENTRY_ITERATE macro >>> netfilter: xtables: optimize call flow around xt_entry_foreach >>> netfilter: xtables: replace XT_MATCH_ITERATE macro >>> netfilter: xtables: optimize call flow around xt_ematch_foreach >>> netfilter: xtables: reduce arguments to translate_table >>> netfilter: xtables2: make ip_tables reentrant >> I've applied patch 1-5 for now. Patch 6 doesn't add any value >> so far, so it should go in a series that actually makes use of >> this > > Rusty left a note "must return absolute verdict" in ipt_REJECT > and ip6t_REJECT, so maybe he thought of something. > > Irrespective of that however, there is xt_TEE in Xtables-addons which > would greatly benefit in the 6th patch (which is standalone, nothing > else is needed in the kernel to get it done), as it could then track > both the original copy and the tee'd copy through the tables, instead > of having to forget one. There's no benefit to the kernel at this point, just the risk of breakage. Anyways, its too late now. > My intention was to have the entire set merged by 2.6.32, only > delayed by my own tinkering around with the get_cycle measurement of > the data collapse. But it was ready on-time for the 2.6.34 window! > What went wrong? Do we need to begin the merge-into-kabernext window > much earlier? Yes, you should begin submitting patches when net-next opens, usually at -rc1. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
