On Mon, May 04, 2015 at 08:59:41PM +0200, Florian Westphal wrote: > At the moment I think having two hooks provides no advantage, it only > complicates code. It's exactly the opposite which this thread is showing. Single hook creates complicated relationship between tc/nft. There is no code shared. TC critical path becomes slower with extra dereference and indirect jump. We have to think how 'tc qdisc add ingress' can auto-unload nft_ingress, etc That is real complexity that can be avoided with two hooks. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
