From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:59480) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1aVDF7-00016v-1B for qemu-devel@nongnu.org; Mon, 15 Feb 2016 02:06:46 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1aVDF2-0002j5-V1 for qemu-devel@nongnu.org; Mon, 15 Feb 2016 02:06:44 -0500 Received: from [59.151.112.132] (port=56601 helo=heian.cn.fujitsu.com) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1aVDF0-0002hP-Lk for qemu-devel@nongnu.org; Mon, 15 Feb 2016 02:06:40 -0500 References: <1454571834-18021-1-git-send-email-zhangchen.fnst@cn.fujitsu.com> <1454571834-18021-2-git-send-email-zhangchen.fnst@cn.fujitsu.com> <56B3133A.9060809@cn.fujitsu.com> <56C160D9.305@redhat.com> From: Zhang Chen Message-ID: <56C17903.7030809@cn.fujitsu.com> Date: Mon, 15 Feb 2016 15:06:43 +0800 MIME-Version: 1.0 In-Reply-To: <56C160D9.305@redhat.com> Content-Type: text/plain; charset="utf-8"; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: [Qemu-devel] [PATCH V3 1/2] net/filter-mirror:Add filter-mirror List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Jason Wang , qemu devel Cc: "Dr. David Alan Gilbert" , Yang Hongyang , Li Zhijian , zhanghailiang On 02/15/2016 01:23 PM, Jason Wang wrote: > > On 02/04/2016 05:00 PM, Zhang Chen wrote: >> >> On 02/04/2016 03:43 PM, Zhang Chen wrote: >>> From: ZhangChen >>> >>> Filter-mirror is a netfilter plugin. >>> It gives qemu the ability to copy and mirror guest's >>> net packet. we output packet to chardev. > To make it compact, how about "It gives qemu the ability to mirror > packets to a chardev."? OK, will fix it in next version. >>> usage: >>> >>> -netdev tap,id=hn0 >>> -chardev socket,id=mirror0,host=ip_primary,port=X,server,nowait >>> -filter-mirror,id=m0,netdev=hn0,queue=tx/rx/all,outdev=mirror0 > An issue with mirror (and dump) is that it can not work correctly with > the netdev that has a vnet header. Need to fix this, a possible solution > is to checksum the buffer and strip the header before passing it to a > chardev. > Thanks, I don't consider about vnet, we will fix it in next version. >>> Signed-off-by: ZhangChen >>> Signed-off-by: Wen Congyang >>> Reviewed-by: Yang Hongyang >>> Reviewed-by: zhanghailiang >>> --- >>> net/Makefile.objs | 1 + >>> net/filter-mirror.c | 171 >>> ++++++++++++++++++++++++++++++++++++++++++++++++++++ >>> qemu-options.hx | 5 ++ >>> vl.c | 3 +- >>> 4 files changed, 179 insertions(+), 1 deletion(-) >>> create mode 100644 net/filter-mirror.c >>> >>> diff --git a/net/Makefile.objs b/net/Makefile.objs >>> index 5fa2f97..de06ebe 100644 >>> --- a/net/Makefile.objs >>> +++ b/net/Makefile.objs >>> @@ -15,3 +15,4 @@ common-obj-$(CONFIG_VDE) += vde.o >>> common-obj-$(CONFIG_NETMAP) += netmap.o >>> common-obj-y += filter.o >>> common-obj-y += filter-buffer.o >>> +common-obj-y += traffic-mirror.o >> s/traffic-mirror.o/filter-mirror.o/ rebase error.... >> >>> diff --git a/net/filter-mirror.c b/net/filter-mirror.c >>> new file mode 100644 >>> index 0000000..87ccaf5 >>> --- /dev/null >>> +++ b/net/filter-mirror.c >>> @@ -0,0 +1,171 @@ >>> +/* >>> + * Copyright (c) 2016 HUAWEI TECHNOLOGIES CO., LTD. >>> + * Copyright (c) 2016 FUJITSU LIMITED >>> + * Copyright (c) 2016 Intel Corporation >>> + * >>> + * Author: Zhang Chen >>> + * >>> + * This work is licensed under the terms of the GNU GPL, version 2 or >>> + * later. See the COPYING file in the top-level directory. >>> + */ >>> + >>> +#include "net/filter.h" >>> +#include "net/net.h" >>> +#include "qemu-common.h" >>> +#include "qapi/qmp/qerror.h" >>> +#include "qapi-visit.h" >>> +#include "qom/object.h" >>> +#include "qemu/main-loop.h" >>> +#include "qemu/error-report.h" >>> +#include "trace.h" >>> +#include "sysemu/char.h" >>> +#include "qemu/iov.h" >>> +#include "qemu/sockets.h" >>> + >>> +#define FILTER_MIRROR(obj) \ >>> + OBJECT_CHECK(MirrorState, (obj), TYPE_FILTER_MIRROR) >>> + >>> +#define TYPE_FILTER_MIRROR "filter-mirror" >>> + >>> +typedef struct MirrorState { >>> + NetFilterState parent_obj; >>> + char *outdev; >>> + CharDriverState *chr_out; >>> +} MirrorState; >>> + >>> +static ssize_t filter_mirror_send(NetFilterState *nf, >>> + const struct iovec *iov, >>> + int iovcnt) >>> +{ >>> + MirrorState *s = FILTER_MIRROR(nf); >>> + ssize_t ret = 0; >>> + ssize_t size = 0; >>> + uint32_t len = 0; >>> + char *buf; >>> + >>> + size = iov_size(iov, iovcnt); >>> + len = htonl(size); >>> + if (!size) { >>> + return 0; >>> + } >>> + >>> + buf = g_malloc0(size); >>> + iov_to_buf(iov, iovcnt, 0, buf, size); >>> + ret = qemu_chr_fe_write_all(s->chr_out, (uint8_t *)&len, >>> sizeof(len)); >>> + if (ret < 0) { > I believe we should also fail when ret < sizeof(len) and modify the > caller check in filter_mirror_iov(). To make this a little bit easier, > there's no need to return ssize_t here (otherwise, caller need to call > iov_size() before checking the return value), just return 0 for success > and -EFXXX for failure. OK, will fix it in next version Thanks zhangchen > Other looks good. > > > > . > -- Thanks zhangchen