On Thu, May 27, 2021 at 10:23:15PM +0200, Pablo Neira Ayuso wrote:
> On Tue, May 18, 2021 at 01:08:48PM +1000, Duncan Roe wrote:
> > To avoid a copy, the new code takes advantage of the fact that the netfilter
> > netlink queue never returns multipart messages.
> > This means that the buffer space following that callback data is available for
> > packet expansion when mangling.
> >
> > nfq_cb_run() is a new nfq-specific callback runqueue for netlink messages.
> > The principal function of nfq_cb_run() is to pass to the called function what is
> > the length of free space after the packet.
> > As a side benefit, nfq_cb_run() also gives the called function a pointer to a
> > zeroised struct pkt_buff, avoiding the malloc / free that was previously needed.
> >
> > nfq_cb_t is a new typedef for the function called by nfq_cb_run()
> > [c.f. mnl_cb_t / mnl_cb_run].
>
> Interesting idea: let me get back to you with a proposal based on this
> patch.
>
[...]

It occurred to me there is no real need to use a callback any more. However,
mnl_cb_run() does some checks before and after invoking the cb. Some of these
checks may still be valid, so leave it as is?

This patch has been on the table for a while, any idea when you might find time
to respond?

Cheers ... Duncan.