On Fri, Jul 22, 2016 at 05:48:33PM +0200, Pablo M. Bermudo Garay wrote: > In some cases, xlate functions must print a different result if they are > invoked from nft and not from a xtables-translate command. > > This commit adds a new boolean field to the xt_xlate struct. This > variable must be true when a xlate function is called from a nft > command. Additional code is required in nft in order to obtain this > behavior. Why not simply pass a new parameter to ->xlate()? This patch is anyway updating the binary interface and it makes this less obscure as it is part of the interface. The xlate structure hides the buffer intentionally to avoid exposing it the the backend extensions, the comments are also stored there to use native nf_tables comment support. But the only reason for this approach is that you're being lazy and you don't want to upgrade the footprint of every xlate extension ;-) -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
