Hi Florian, On Wed, Oct 02, 2024 at 05:55:38PM +0200, Florian Westphal wrote: > Provide more precise drop information rather than doing the freeing > from core.c:nf_hook_slow(). > > First patch is a small preparation patch, rest coverts NF_DROP > locations of NF_DROP_REASON(). One question regarding this series. Most spots still rely on EPERM which is the default reason for NF_DROP. I wonder if it is worth updating all these spots to use NF_DROP_REASON with EPERM. I think patchset becomes smaller if it is only used to provide a better reason than EPERM. Thanks.
