Hi,

On Thu, Dec 10, 2020 at 02:06:27PM +0100, Phil Sutter wrote:
[...]
> * Drop getters previously introduced along with struct nft_chain to
>   reduce size of patch 5. Extracting data from embedded nftnl_chain into
>   nft_chain and back if needed is future work.

In addition to a "common" review of my patches, I would like to ask you to consider patch 5 and the code it adds separately as a direct result of the premise to not add a sorting function to libnftnl (patch here[1]) in order to keep the library's size small.

A consequent continuation of patch 5 is the implementation of converters from nftnl_chain to nft_chain and vice versa. While this should reduce cache size a bit (struct nftnl_chain is pretty big), it adds overhead to cache fetch and commit operations.

After all, I'm not sure if the direction is feasible given the code-duplication it caused to manage a list of chains in iptables instead of using the chain list functionality of libnftnl.

Cheers, Phil

[1] https://lore.kernel.org/netfilter-devel/20200711084505.23825-1-phil@xxxxxx/