This series removes the 'broute' hook by promoting ebtables' broute table
to a normal ebtables table (invoked via normal PREROUTING netfilter hook).
The downside is that nf_hook_slow() needs to be duplicated in br_input.c
(see patch 3).
However, I think its worth the price as this allows to remove the
br_should_route_hook.
There are quite some changes in bridge specific code, if you prefer
I can re-submit this for net-next instead of nf-next.
Main motivation is to provide 'ebtables -t broute' functionality via
nftables later on, this can then be done without touching the bridge
or netfilter core infrastructure again.
Florian Westphal (4):
selftests: netfilter: add ebtables broute test case
bridge: reduce size of input cb to 16 bytes
bridge: netfilter: unroll NF_HOOK helper in bridge input path
bridge: broute: make broute a real ebtables table
include/linux/if_bridge.h | 3
include/net/netfilter/nf_queue.h | 3
net/bridge/br_arp_nd_proxy.c | 18 +-
net/bridge/br_input.c | 72 +++++++--
net/bridge/br_private.h | 15 +-
net/bridge/netfilter/ebtable_broute.c | 63 ++++++--
net/bridge/netfilter/ebtables.c | 7
net/netfilter/core.c | 1
net/netfilter/nf_internals.h | 3
net/netfilter/nf_queue.c | 1
tools/testing/selftests/netfilter/Makefile | 2
tools/testing/selftests/netfilter/bridge_brouter.sh | 146 ++++++++++++++++++++
12 files changed, 268 insertions(+), 66 deletions(-)
