On Mon, 2007-03-12 at 20:21 +1100, Herbert Xu wrote:

Sorry for the late response Jamal.  I've been too busy to give
this issue proper thought.  It's still in my mailbox so I will
respond to it once things quiten down a little.

I totaly empathize - take your time.

The point brought up on v6 extensions needs to be addressed. I thought
about it a little - and it is valid as well for ipv4 options; they will
be processed twice.
To build up on what Patrick said, I noticed a bit still available in the
bag right after skb->nf_trace that i could use to signal
"options/extensions already processed". 
If people think think this is a sane use of that very lonely bit, I will
post patches.
CCing Yoshfuji.

cheers,
jamal