On Fri, Jun 4, 2010 at 7:40 PM, Patrick McHardy <kaber@xxxxxxxxx> wrote: > Eric Dumazet wrote: >> Obviously, an IPS_UNTRACKED bit would be much easier to implement. >> Would it be acceptable ? > > That also would be fine. However the main idea behind using a nfctinfo > bit was that we wouldn't need the untracked conntrack anymore at all. > But I guess a per-cpu untrack conntrack would already be an improvement > over the current situation. I think Eric didn't mean ip_conntrack_info but ip_conntrack_status bit. Since we have had a IPS_TEMPLATE bit, I think another IPS_UNTRACKED bit is also acceptable. -- Regards, Changli Gao(xiaosuo@xxxxxxxxx) -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
