On Sun, Feb 16, 2014 at 11:43:11AM +0100, Pablo Neira Ayuso wrote:
> On Sun, Feb 16, 2014 at 11:28:24AM +0100, Florian Westphal wrote:
> > Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote:
> > > > static inline void nf_reset_trace(struct sk_buff *skb)
> > > > {
> > > > -#if IS_ENABLED(CONFIG_NETFILTER_XT_TARGET_TRACE)
> > > > +#if IS_ENABLED(CONFIG_NETFILTER_XT_TARGET_TRACE) || defined(CONFIG_NF_TABLES)
> > >
> > > Perhaps you can add a generic CONFIG_NF_TRACE that is set by xt_trace
> > > and nf_tables?
> >
> > I could do that, sure, but I don't see the value in doing so.
> > After this patch the only place where we need to test for both
> > are the two places in skbuff.h.
> >
> > Unless you want to make the nf_trace operations in nftables
> > conditional on CONFIG_NF_TRACE?
>
> No, that wasn't my intention.
>
> > OTOH I think that trace support is a very important thing to have and I
> > doubt that compiling it out would save a lot of size.
> >
> > But sure, if you think it makes sense I can add CONFIG_NF_TRACE and
> > make nf_tables tracing conditional.
>
> This is just a cosmetic comment, but I can live with that long #if
> line. Leave it up to you to decide.
I intend to make nftables tracing use static keys, unless that turns out
not to reduce the overhead we can keep it unconditionally.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
