On Sat, Aug 19, 2023 at 12:55:03PM +1000, Duncan Roe wrote: > There is a libnetfilter_queue patch of mine from the March 2022 that is still > under review in Patchwork: > > https://patchwork.ozlabs.org/project/netfilter-devel/patch/20220328024821.9927-1-duncan_roe@xxxxxxxxxxxxxxx/ > > I tested recently with 63KB packets: overall CPU decrease 20%, user CPU decrease > 50%. I just took the bare minimum of this patch to provide more control on memory management as you request, it is here: http://git.netfilter.org/libnetfilter_queue/commit/?id=91d2c947b473b3540be5474c7128a5fa4ce60934 I have removed the extra callback wrapper which does not provide much but an extra layer to the user. > This patch could open an avenue to having libnetfilter_queue handle tunneling. > E.g. for tcp over udp, you could have 2 pktbuff structs (because the data area > can be anywhere, rather than residing after the pktbuff head). Please, do not pursue this approach, this pkt_buff structure is mocking the sk_buff API in the kernel in a very simplistic way. You can still implement such tunnel handling in your application. Thanks.
