There is a libnetfilter_queue patch of mine from the March 2022 that is still under review in Patchwork: https://patchwork.ozlabs.org/project/netfilter-devel/patch/20220328024821.9927-1-duncan_roe@xxxxxxxxxxxxxxx/ I tested recently with 63KB packets: overall CPU decrease 20%, user CPU decrease 50%. This patch could open an avenue to having libnetfilter_queue handle tunneling. E.g. for tcp over udp, you could have 2 pktbuff structs (because the data area can be anywhere, rather than residing after the pktbuff head). It would be great to get a yes / no / please do xxx. Cheers ... Duncan.
