On Mon, Jul 20, 2015 at 10:05:16PM +0200, Daniel Borkmann wrote: > On 07/20/2015 08:24 PM, Pablo Neira Ayuso wrote: > ... > >I see, thanks for explaining. > > > >I would like to avoid the use of the ct->status bit to set this. Can > >you see a clean way to store this bit in the zone extension instead? > > Okay, understood, i.e. since it's unfortunately exported through UAPI > and there's limited space. I'm thinking of renaming the u16 for the > direction in the zones structure into 'flags' and just add an indicator > there [as we still have unused bits there] ... would that seem better? Grab u8 for flags. u8 to store directions should be sufficient I'd suggest. BTW, did you consider replacing NF_CT_DEFAULT_ZONE by a global object? It looks like a natural way in the patch that replaces the u16 by struct nf_conntrack_zone. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
