Hi Pablo, Thanks for your feedback. On Tue, Dec 23, 2014 at 2:50 PM, Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote: > It would be great if you can refactor the existing filtering in > ctnetlink_dump_table() to reduce the #ifdef pollution. My suggestion > is to encapsulate the mark-based filtering code in a > ctnetlink_filter() function that you can call from the dump and the > flush paths. Sounds good. I guess that as long as the only function which calls ctnetlink_dump_table() and sets c.data is ctnetlink_get_conntrack(), we can do something like this in ctnetlink_dump_table(): if (cb->data && ctnetlink_apply_filter(cb->data)) And then wrap the mark check in apply_filter in an ifdef. I will have a v2 ready during the week. -Kristian -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
