Re: [PATCH 29/29] netfilter: nf_tables: merge ipv4 and ipv6 nat chain types

On 02.03.19 at 19:37, Pablo Neira Ayuso wrote:
> From: Florian Westphal <fw@xxxxxxxxx>
> 
> Merge the ipv4 and ipv6 nat chain type. This is the last
> missing piece which allows to provide inet family support
> for nat in a follow patch.
> 
> The kconfig knobs for ipv4/ipv6 nat chain are removed, the
> nat chain type will be built unconditionally if NFT_NAT
> expression is enabled.
> 
> Before:
>    text	   data	    bss	    dec	    hex	filename
>    1576     896       0    2472     9a8 nft_chain_nat_ipv4.ko
>    1697     896       0    2593     a21 nft_chain_nat_ipv6.ko
> 
> After:
>    text	   data	    bss	    dec	    hex	filename
>    1832     896       0    2728     aa8 nft_chain_nat.ko

there are similar *probably* low hanging fruits with 5.7

"ip6_udp_tunnel" and "nf_defrag_ipv6" are unconditionally loaded even on
pure ipv4 setups and the two ipv6 specific reject modules only when ipv6
is in use

3,5K udp_tunnel.ko.xz
2,5K ip6_udp_tunnel.ko.xz

2,4K nf_defrag_ipv4.ko.xz
6,7K nf_defrag_ipv6.ko.xz

2.3K ipt_REJECT.ko.xz
2.3K ip6t_REJECT.ko.xz

3.1K nf_reject_ipv4.ko.xz
4.1K nf_reject_ipv6.ko.x


