On 30.08.2011 14:57, Florian Westphal wrote: > Patrick McHardy <kaber@xxxxxxxxx> wrote: >> On 30.08.2011 14:41, Florian Westphal wrote: >>> Patrick McHardy <kaber@xxxxxxxxx> wrote: >>>>> main drawback: >>>>> - additional fib lookup to get oif (used as flow key in reverse lookup) >>>> >>>> As discussed during the workshop, we could just perform input routing >>>> in the module to get the oif for free. That would require to take care >>>> of statistics as currently done in ip_rcv_finish() though. >>> >>> Right. >>> Any idea on how to solve the 'struct sk_buff *' (ip_route_input) vs. >>> 'const struct sk_buff *' (matches) problem? >>> >>> We'd have to modify all the match signatures... >> >> Some modules already remove the const by casting it away, not >> pretty, but works. Since the kernel doesn't assume strict aliasing >> this also shouldn't cause any problems in the future. Alternatively >> we can change the function signatures of course, although that would >> be a bit unfortunate just for this special case. > > Agreed, modifying the match function signature for this case would be > sad. > > I'll wait a couple of days and will send an updated version > that uses the ugly cast + ip_route_input. Regarding the statistic update, I'd suggest to move those to a new function and call it from your module to avoid duplication and possibly getting out of sync in the future. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
