Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote:
> > static inline void nf_reset_trace(struct sk_buff *skb)
> > {
> > -#if IS_ENABLED(CONFIG_NETFILTER_XT_TARGET_TRACE)
> > +#if IS_ENABLED(CONFIG_NETFILTER_XT_TARGET_TRACE) || defined(CONFIG_NF_TABLES)
>
> Perhaps you can add a generic CONFIG_NF_TRACE that is set by xt_trace
> and nf_tables?
I could do that, sure, but I don't see the value in doing so.
After this patch the only place where we need to test for both
are the two places in skbuff.h.
Unless you want to make the nf_trace operations in nftables
conditional on CONFIG_NF_TRACE?
OTOH I think that trace support is a very important thing to have and I
doubt that compiling it out would save a lot of size.
But sure, if you think it makes sense I can add CONFIG_NF_TRACE and
make nf_tables tracing conditional.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
