On 27.11, Florian Westphal wrote: > 3rd round. > > See the individual patches for changelog vs. V 2. > > Patrick: Nothing fancy from libnftnl side, just the 3 new attributes > (oiftype, nfproto, policy). > > On kernel side I addressed all of the comments. > > In case of NFPROTO_INET, the new NFTA_TRACE_NFPROTO will be 'NFPROTO_IPV4' > (or IPV6), the netlink header family is set to NFPROTO_INET. That's sounds good. > I tried to reduce nft_do_chain bloat, +80 on my system. That's even better than I expected, thanks! > We have one unconditional foo = false assignment, all nftrace calls > are avoided in 'no trace rules set' case via static key. > > Let me know if you spot more problems. I'll review it tommorrow if you don't mind, currently trying to wrap my head around the sub-byte and offset expressions. We have some limitations which I'd like to address if I'm already working in that area before I continue on the tracing part. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
