Jan Engelhardt <jengelh@xxxxxxx> wrote:
> >Why? Maybe someone wants to collect statistics on encountered packet
> >size or something like that.
>
> Possibly so, but you would not want to penalize users who do
> want the short-circuiting behavior when they are not interested
> in the statistics.
What short-circuit behaviour?
The difference we're talking about is:
*reg = get_gso_segment_or_nh_len(skb);
vs.
if (!skb_is_gso(skb) ||
get_gso_segment_len(skb) <= priv->len))
regs->verdict.code = NFT_BREAK;
