[PATCH 06/13]: [IPV4/6]: Netfilter IPsec input hooks
kaber at trash.net
Sun Dec 18 23:59:35 CET 2005
YOSHIFUJI Hideaki / $B5HF#1QL@ wrote:
> In article <43A571B5.205 at trash.net> (at Sun, 18 Dec 2005 15:27:01 +0100), Patrick McHardy <kaber at trash.net> says:
>>How about this patch instead? It eliminates the nhoffp argument
>>to IPv6 protocol handlers by storing it in the IP6CB, which allows
>>to call ip6_input_finish a second time and have it skip already
>>parsed headers and also gets rid of the manual hopopts skipping.
> The idea to store IP6CB itself seems sane to me.
> BTW, we're now using full of skb->cb
> (and we are even exceeding it w/ mobile-ipv6 extensions)...
Not in mainline so far, so maybe we can fit your extensions
and my patches without the mobile extensions, that apparently
exceed the CB anyway, in there for now. Can I look at those
patches somewhere? BTW, other fields in the IP6CB seem to
store offsets in u16 fields, is this OK for nhoff too? I
thought with jumbo options I need to use a u32 field.
More information about the netfilter-devel