From: Jason Wang <jasowang@redhat.com>
To: Yang Hongyang <yanghy@cn.fujitsu.com>, qemu-devel@nongnu.org
Cc: thuth@redhat.com, zhang.zhanghailiang@huawei.com,
lizhijian@cn.fujitsu.com, Markus Armbruster <armbru@redhat.com>,
mrhines@linux.vnet.ibm.com,
Luiz Capitulino <lcapitulino@redhat.com>,
stefanha@redhat.com
Subject: Re: [Qemu-devel] [PATCH v6 03/10] netfilter: add netfilter_{add|del} commands
Date: Mon, 10 Aug 2015 17:20:13 +0800 [thread overview]
Message-ID: <55C86CCD.1060405@redhat.com> (raw)
In-Reply-To: <1438915585-30367-4-git-send-email-yanghy@cn.fujitsu.com>
On 08/07/2015 10:46 AM, Yang Hongyang wrote:
> add netfilter_{add|del} commands
> This is mostly the same with netdev_{add|del} commands.
>
> When we delete the netdev, we also delete the netfilter object
> attached to it, because if the netdev is removed, the filters
> which attached to it is useless.
>
> Signed-off-by: Yang Hongyang <yanghy@cn.fujitsu.com>
> CC: Luiz Capitulino <lcapitulino@redhat.com>
> CC: Markus Armbruster <armbru@redhat.com>
> CC: Eric Blake <eblake@redhat.com>
> ---
> v6: add multiqueue support (qemu_del_net_filter)
> v5: squash "net: delete netfilter object when delete netdev"
> ---
> hmp-commands.hx | 30 +++++++++++++++
> hmp.c | 29 +++++++++++++++
> hmp.h | 4 ++
> include/net/filter.h | 3 ++
> monitor.c | 33 +++++++++++++++++
> net/filter.c | 101 ++++++++++++++++++++++++++++++++++++++++++++++++++-
> net/net.c | 10 +++++
> qapi-schema.json | 47 ++++++++++++++++++++++++
> qmp-commands.hx | 57 +++++++++++++++++++++++++++++
> 9 files changed, 313 insertions(+), 1 deletion(-)
>
> diff --git a/hmp-commands.hx b/hmp-commands.hx
> index d3b7932..902e2d1 100644
> --- a/hmp-commands.hx
> +++ b/hmp-commands.hx
> @@ -1253,6 +1253,36 @@ Remove host network device.
> ETEXI
>
> {
> + .name = "netfilter_add",
> + .args_type = "netfilter:O",
> + .params = "[type],id=str,netdev=str[,chain=in|out|all,prop=value][,...]",
> + .help = "add netfilter",
> + .mhandler.cmd = hmp_netfilter_add,
> + .command_completion = netfilter_add_completion,
> + },
> +
> +STEXI
> +@item netfilter_add
> +@findex netfilter_add
> +Add netfilter.
> +ETEXI
> +
> + {
> + .name = "netfilter_del",
> + .args_type = "id:s",
> + .params = "id",
> + .help = "remove netfilter",
> + .mhandler.cmd = hmp_netfilter_del,
> + .command_completion = netfilter_del_completion,
> + },
> +
> +STEXI
> +@item netfilter_del
> +@findex netfilter_del
> +Remove netfilter.
> +ETEXI
> +
> + {
> .name = "object_add",
> .args_type = "object:O",
> .params = "[qom-type=]type,id=str[,prop=value][,...]",
> diff --git a/hmp.c b/hmp.c
> index dcc66f1..09e3cda 100644
> --- a/hmp.c
> +++ b/hmp.c
> @@ -15,6 +15,7 @@
>
> #include "hmp.h"
> #include "net/net.h"
> +#include "net/filter.h"
> #include "net/eth.h"
> #include "sysemu/char.h"
> #include "sysemu/block-backend.h"
> @@ -1599,6 +1600,34 @@ void hmp_netdev_del(Monitor *mon, const QDict *qdict)
> hmp_handle_error(mon, &err);
> }
>
> +void hmp_netfilter_add(Monitor *mon, const QDict *qdict)
> +{
> + Error *err = NULL;
> + QemuOpts *opts;
> +
> + opts = qemu_opts_from_qdict(qemu_find_opts("netfilter"), qdict, &err);
> + if (err) {
> + goto out;
> + }
> +
> + netfilter_add(opts, &err);
> + if (err) {
> + qemu_opts_del(opts);
> + }
> +
> +out:
> + hmp_handle_error(mon, &err);
> +}
> +
> +void hmp_netfilter_del(Monitor *mon, const QDict *qdict)
> +{
> + const char *id = qdict_get_str(qdict, "id");
> + Error *err = NULL;
> +
> + qmp_netfilter_del(id, &err);
> + hmp_handle_error(mon, &err);
> +}
> +
> void hmp_object_add(Monitor *mon, const QDict *qdict)
> {
> Error *err = NULL;
> diff --git a/hmp.h b/hmp.h
> index 0cf4f2a..a21dbbb 100644
> --- a/hmp.h
> +++ b/hmp.h
> @@ -85,6 +85,8 @@ void hmp_device_del(Monitor *mon, const QDict *qdict);
> void hmp_dump_guest_memory(Monitor *mon, const QDict *qdict);
> void hmp_netdev_add(Monitor *mon, const QDict *qdict);
> void hmp_netdev_del(Monitor *mon, const QDict *qdict);
> +void hmp_netfilter_add(Monitor *mon, const QDict *qdict);
> +void hmp_netfilter_del(Monitor *mon, const QDict *qdict);
> void hmp_getfd(Monitor *mon, const QDict *qdict);
> void hmp_closefd(Monitor *mon, const QDict *qdict);
> void hmp_sendkey(Monitor *mon, const QDict *qdict);
> @@ -112,6 +114,8 @@ void chardev_add_completion(ReadLineState *rs, int nb_args, const char *str);
> void set_link_completion(ReadLineState *rs, int nb_args, const char *str);
> void netdev_add_completion(ReadLineState *rs, int nb_args, const char *str);
> void netdev_del_completion(ReadLineState *rs, int nb_args, const char *str);
> +void netfilter_add_completion(ReadLineState *rs, int nb_args, const char *str);
> +void netfilter_del_completion(ReadLineState *rs, int nb_args, const char *str);
> void ringbuf_write_completion(ReadLineState *rs, int nb_args, const char *str);
> void watchdog_action_completion(ReadLineState *rs, int nb_args,
> const char *str);
> diff --git a/include/net/filter.h b/include/net/filter.h
> index 7a858d8..f15d83d 100644
> --- a/include/net/filter.h
> +++ b/include/net/filter.h
> @@ -53,5 +53,8 @@ NetFilterState *qemu_new_net_filter(NetFilterInfo *info,
> NetClientState *netdev,
> const char *name,
> int chain);
> +void qemu_del_net_filter(NetFilterState *nf);
> +void netfilter_add(QemuOpts *opts, Error **errp);
> +void qmp_netfilter_add(QDict *qdict, QObject **ret, Error **errp);
>
> #endif /* QEMU_NET_FILTER_H */
> diff --git a/monitor.c b/monitor.c
> index aeea2b5..d6b8f24 100644
> --- a/monitor.c
> +++ b/monitor.c
> @@ -31,6 +31,7 @@
> #include "hw/loader.h"
> #include "exec/gdbstub.h"
> #include "net/net.h"
> +#include "net/filter.h"
> #include "net/slirp.h"
> #include "sysemu/char.h"
> #include "ui/qemu-spice.h"
> @@ -4193,6 +4194,21 @@ void netdev_add_completion(ReadLineState *rs, int nb_args, const char *str)
> }
> }
>
[...]
> +static int net_init_filter(void *dummy, QemuOpts *opts, Error **errp);
> +void netfilter_add(QemuOpts *opts, Error **errp)
> +{
> + net_init_filter(NULL, opts, errp);
> +}
> +
> +void qmp_netfilter_add(QDict *qdict, QObject **ret, Error **errp)
> +{
> + Error *local_err = NULL;
> + QemuOptsList *opts_list;
> + QemuOpts *opts;
> +
> + opts_list = qemu_find_opts_err("netfilter", &local_err);
> + if (local_err) {
> + goto out;
> + }
> +
> + opts = qemu_opts_from_qdict(opts_list, qdict, &local_err);
> + if (local_err) {
> + goto out;
> + }
> +
> + netfilter_add(opts, &local_err);
> + if (local_err) {
> + qemu_opts_del(opts);
> + goto out;
> + }
> +
> +out:
> + error_propagate(errp, local_err);
> +}
> +
> +void qmp_netfilter_del(const char *id, Error **errp)
> +{
> + NetFilterState *nf;
> + QemuOpts *opts;
> +
> + nf = qemu_find_netfilter(id);
> + if (!nf) {
> + error_set(errp, ERROR_CLASS_DEVICE_NOT_FOUND,
> + "Device '%s' not found", id);
Should be "Filter '%s' not found" ?
> + return;
> + }
> +
> + opts = qemu_opts_find(qemu_find_opts_err("netfilter", NULL), id);
> + if (!opts) {
> + error_setg(errp, "Device '%s' is not a netfilter", id);
Maybe "'%s' is not a filter" ?
> + return;
> + }
> +
> + qemu_del_net_filter(nf);
> + qemu_opts_del(opts);
How about moving qmp_opts_del() into qemu_del_net_filter() to avoid
codes duplication?
next prev parent reply other threads:[~2015-08-10 9:20 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-08-07 2:46 [Qemu-devel] [PATCH v6 00/10] For QEMU 2.5: Add a netfilter object and netbuffer filter Yang Hongyang
2015-08-07 2:46 ` [Qemu-devel] [PATCH v6 01/10] net: add a new object netfilter Yang Hongyang
2015-08-07 2:46 ` [Qemu-devel] [PATCH v6 02/10] init/cleanup of netfilter object Yang Hongyang
2015-08-10 9:18 ` Jason Wang
2015-08-20 16:41 ` Yang Hongyang
2015-08-21 1:35 ` Jason Wang
2015-08-07 2:46 ` [Qemu-devel] [PATCH v6 03/10] netfilter: add netfilter_{add|del} commands Yang Hongyang
2015-08-10 9:20 ` Jason Wang [this message]
2015-08-11 7:07 ` Wen Congyang
2015-08-07 2:46 ` [Qemu-devel] [PATCH v6 04/10] netfilter: hook packets before net queue send Yang Hongyang
2015-08-07 2:46 ` [Qemu-devel] [PATCH v6 05/10] move out net queue structs define Yang Hongyang
2015-08-07 2:46 ` [Qemu-devel] [PATCH v6 06/10] netfilter: add an API to pass the packet to next filter Yang Hongyang
2015-08-07 2:46 ` [Qemu-devel] [PATCH v6 07/10] net/queue: export qemu_net_queue_append_iov Yang Hongyang
2015-08-07 2:46 ` [Qemu-devel] [PATCH v6 08/10] netfilter: add a netbuffer filter Yang Hongyang
2015-08-10 9:21 ` Jason Wang
2015-08-07 2:46 ` [Qemu-devel] [PATCH v6 09/10] filter/buffer: update command description and help Yang Hongyang
2015-08-07 2:46 ` [Qemu-devel] [PATCH v6 10/10] tests: add test cases for netfilter object Yang Hongyang
2015-08-11 7:12 ` Wen Congyang
2015-08-10 9:17 ` [Qemu-devel] [PATCH v6 00/10] For QEMU 2.5: Add a netfilter object and netbuffer filter Jason Wang
2015-08-14 1:26 ` Yang Hongyang
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=55C86CCD.1060405@redhat.com \
--to=jasowang@redhat.com \
--cc=armbru@redhat.com \
--cc=lcapitulino@redhat.com \
--cc=lizhijian@cn.fujitsu.com \
--cc=mrhines@linux.vnet.ibm.com \
--cc=qemu-devel@nongnu.org \
--cc=stefanha@redhat.com \
--cc=thuth@redhat.com \
--cc=yanghy@cn.fujitsu.com \
--cc=zhang.zhanghailiang@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.