On Sat, 21 Mar 2026 20:43:28 -0400
Jon Maloy
[...]
@@ -987,6 +1034,38 @@ static bool is_dns_flow(uint8_t proto, const struct flowside *ini) ((ini->oport == 53) || (ini->oport == 853)); }
+/** + * fwd_select_addr() - Select address with priority-based search + * @c: Execution context + * @af: Address family (AF_INET or AF_INET6) + * @primary: Primary flags to match (or 0 to skip) + * @secondary: Secondary flags to match (or 0 to skip) + * @skip: Flags to exclude from search + * + * Search for address entries in priority order. + * + * Return: pointer to selected address entry, or NULL if none found + */ +const struct guest_addr *fwd_select_addr(const struct ctx *c, int af, + int primary, int secondary, int skip)
Looking at 9/13 I start finding this quite confusing: instead of having a function doing two lookups with a preferred set of flags first, couldn't we simply call fwd_get_addr() multiple (up to 2) times if we have "secondary" flags? Does it really add much code? I think that even if it adds some lines it would be still preferable as it looks much more natural. -- Stefano