From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:56778) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ZJiNZ-0007Cy-Fa for qemu-devel@nongnu.org; Mon, 27 Jul 2015 09:23:42 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ZJiNT-0001kb-GF for qemu-devel@nongnu.org; Mon, 27 Jul 2015 09:23:41 -0400 Received: from [59.151.112.132] (port=5957 helo=heian.cn.fujitsu.com) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ZJiNS-0001hG-PH for qemu-devel@nongnu.org; Mon, 27 Jul 2015 09:23:35 -0400 Message-ID: <55B630C5.7040600@cn.fujitsu.com> Date: Mon, 27 Jul 2015 21:23:17 +0800 From: Yang Hongyang MIME-Version: 1.0 References: <1437735359-17415-1-git-send-email-yanghy@cn.fujitsu.com> <55B31954.9000406@huawei.com> <55B4EB23.1080208@cn.fujitsu.com> <20150727103207.GC9132@redhat.com> In-Reply-To: <20150727103207.GC9132@redhat.com> Content-Type: text/plain; charset="utf-8"; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: [Qemu-devel] [PATCH 0/9] For QEMU 2.5: Add a net filter and a netbuffer plugin based on the filter List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: "Daniel P. Berrange" Cc: thuth@redhat.com, zhanghailiang , jasowang@redhat.com, peter.huangpeng@huawei.com, mrhines@linux.vnet.ibm.com, qemu-devel@nongnu.org, stefanha@redhat.com Hi, Thank you for the comment! On 07/27/2015 06:32 PM, Daniel P. Berrange wrote: > On Sun, Jul 26, 2015 at 10:13:55PM +0800, Yang Hongyang wrote: [...] >>> Which is a little verbose for 'netdev' option. >> >> It's just the name diffrence, using netfilter will be >> -netfilter ... -netfilter ... >> >> using plugin=xxx will make us hard to extend the plugin params under existing >> netdev design thus will needs lots of extra effort to archive our goal, but we >> already have a simple way, do we? and do note that Daniel's concern was based >> on my initial RFC patch, which has a usage about "plugin=xxx", this series >> is totally different. > > The current -netdev / netdev_add/netdev_del interfaces have a fairly > static view of the world. If you just want to setup filters at the > time you setup the guest NIC that's fine, but if you want to be able > to dynamically change the filters that are used, without altering > the guest device or the real host backend, I think you're going to > run into problems using -netdev. eg consider you have a pre-exisiting > guest running and you want to add in a 'dump' filter to temporarily > record traffic to a file, without having any impact on guest > connectivity. I'm not seeing how you could achieve that with the > proposed netdev approach, because you'd basically have to delete the > existing NIC and add a new one from scratch. We will modify the NIC's peer when using netdev_add to add the filter. The current netdev_add/netdev_del can be used while guest is running. just to make sure netdev's init/cleanup can do the right thing. > > Regards, > Daniel > -- Thanks, Yang.