Hi Patrick, Harald,

I was working on unrelated problem and noticed that ip_tables.c
seem to abuse inline. I prepared a patch which removes inlines
except those which are used by packet matching code
(and thus are really performance-critical).
I added comments explaining that remaining inlines are
performance critical.

Result as reported by size:

   text    data     bss     dec     hex filename
-  6451     380      88    6919    1b07 ip_tables.o
+  6339     348      72    6759    1a67 ip_tables.o

Please take this patch into netfilter queue.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
--
vda