Ok. I'll consider merging it soon. However I have a request that stems
from Alexey's one man cisco obsolesence project. Is there a sane way to
add
ip_chain_scope(u32 src_ip, u32 dst_ip, u16 src_port, u16 dst_port, u8 protocol)
To tell me if I can cache the result of that firewall rule for
any port
match src port
match dst port
match protocol
so that the per network card caches can handle firewalling when doing
fast forwarding. (Note sometimes being over cautious is fine - we could
also simply make it a "hint" field provided by the user application)
Alan