Re: [PATCH nf-next v2 3/3] netfilter: nf_conntrack: add efficient mark to zone mapping

On 07/21/2015 09:37 AM, Pablo Neira Ayuso wrote:
> On Mon, Jul 20, 2015 at 10:05:16PM +0200, Daniel Borkmann wrote:
>> On 07/20/2015 08:24 PM, Pablo Neira Ayuso wrote:
...
>>> I see, thanks for explaining.
>>>
>>> I would like to avoid the use of the ct->status bit to set this. Can
>>> you see a clean way to store this bit in the zone extension instead?
>>
>> Okay, understood, i.e. since it's unfortunately exported through UAPI
>> and there's limited space. I'm thinking of renaming the u16 for the
>> direction in the zones structure into 'flags' and just add an indicator
>> there [as we still have unused bits there] ... would that seem better?
>
> Grab u8 for flags. u8 to store directions should be sufficient I'd
> suggest.

That's fine as well, will do.

> BTW, did you consider replacing NF_CT_DEFAULT_ZONE by a global object?
> It looks like a natural way in the patch that replaces the u16 by
> struct nf_conntrack_zone.

We still need the NF_CT_DEFAULT_ZONE itself, the ID I mean, in a couple
of places, but I'll look into having a global default struct and replace
it in these places that don't have zone support.

Thanks,
Daniel