Re: [PATCH nf-next] netfilter: synproxy: only register hooks when needed

Florian Westphal wrote: > Defer registration of the synproxy hooks until the first SYNPROXY rule is > added. Also means we only register hooks in namespaces that need it. On a related note: should I bother with CLUSTERIP or can be remove it? -- To unsubscribe from this list:

[PATCH nf-next] netfilter: synproxy: only register hooks when needed

Defer registration of the synproxy hooks until the first SYNPROXY rule is added. Also means we only register hooks in namespaces that need it. Signed-off-by: Florian Westphal --- include/net/netfilter/nf_conntrack_synproxy.h | 2 + net/ipv4/netfilter/ipt_SYNPROXY.c