Patrick McHardy <kaber@xxxxxxxxx> wrote: > On 15.03.2011 19:49, Florian Westphal wrote: [..] > > + rt = rt6_lookup(net, addr, NULL, ifindex, !!dev); > > Florian, I just noticed that this will pull in the IPv6 module just > by loading the xt_addrtype module. Can we convert this to use > nf_ip6_afinfo->route() instead? I tried this, but i found two issues: - no netns support (nf_ip6_route passed init_net) - its not possible to ask for RT6_LOOKUP_F_IFACE flag in the underlying fib6_rule_lookup() call. But AFAICT the latter is needed to support the '--limit-iface-in/out' option. Any idea? Otherwise I think I'll have a go at extending afinfo->route() to pass in struct net* and a 'strict' argument (i.e. what rt6_lookup() has). Unfortunately that would have to wait for 2.6.40... Thanks, Florian -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
