On Fri, Jun 09, 2023 at 12:30:30PM +0200, Pablo Neira Ayuso wrote: > This is an IPv4 header, which does not require the special handling > as in IPv6, use the payload matching instead of meta l4proto which > is slightly faster in this case. Interestingly, xlate code did this distinction between IPv4 and IPv6 already. So using a payload match here is actually more consistent. Patch applied, thanks!
