From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43744) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ZfTiD-0001Fv-Ep for qemu-devel@nongnu.org; Fri, 25 Sep 2015 10:10:58 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ZfTi9-0000EG-4y for qemu-devel@nongnu.org; Fri, 25 Sep 2015 10:10:57 -0400 Received: from mx1.redhat.com ([209.132.183.28]:44301) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ZfTi8-0000BJ-Or for qemu-devel@nongnu.org; Fri, 25 Sep 2015 10:10:53 -0400 From: Markus Armbruster References: <1442405768-23019-1-git-send-email-yanghy@cn.fujitsu.com> <1442405768-23019-3-git-send-email-yanghy@cn.fujitsu.com> <87oagsryyg.fsf@blackfin.pond.sub.org> <5603BB0D.80302@cn.fujitsu.com> <87twqkm3uj.fsf@blackfin.pond.sub.org> <5604ED7C.7050107@redhat.com> Date: Fri, 25 Sep 2015 16:10:48 +0200 In-Reply-To: <5604ED7C.7050107@redhat.com> (Jason Wang's message of "Fri, 25 Sep 2015 14:45:16 +0800") Message-ID: <87fv2237yv.fsf@blackfin.pond.sub.org> MIME-Version: 1.0 Content-Type: text/plain Subject: Re: [Qemu-devel] [PATCH v11 02/12] init/cleanup of netfilter object List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Jason Wang Cc: thuth@redhat.com, zhang.zhanghailiang@huawei.com, lizhijian@cn.fujitsu.com, qemu-devel@nongnu.org, stefanha@redhat.com, Yang Hongyang Jason Wang writes: > On 09/24/2015 07:52 PM, Markus Armbruster wrote: >> Yang Hongyang writes: >> >>> On 09/24/2015 04:41 PM, Markus Armbruster wrote: >>>> Yang Hongyang writes: [...] >>>>> diff --git a/qapi-schema.json b/qapi-schema.json >>>>> index 2bada60..546500a 100644 >>>>> --- a/qapi-schema.json >>>>> +++ b/qapi-schema.json >>>>> @@ -2551,6 +2551,24 @@ >>>>> 'opts': 'NetClientOptions' } } >>>>> >>>>> ## >>>>> +# @NetFilterChain >>>>> +# >>>>> +# netfilter chain, a netfilter is attached to a netdev, captures the >>>>> +# network packets of the netdev. >>>>> +# >>>>> +# @all: the filter will receive packets both sent to/from the netdev, this >>>>> +# is the default chain. >>>>> +# >>>>> +# @in: the filter will receive packets sent to the netdev. >>>>> +# >>>>> +# @out: the filter will receive packets sent from the netdev. >>>> Uh, inhowfar is this a "chain"? As far as I can tell, it specifies >>>> whether a netfilter is attached to the transmit queue, the receive >>>> queue, or both. >>> netback's input chain or output chain, queue is mostly like a word that >>> related to the code implementation? English is not my first language, so >>> I'm not sure about this. >> Don't worry, we'll get the language polished together :) >> >> In PATCH 9, I learned how this is to be used: >> >> @item -object >> filter-buffer,id=@var{id},netdev=@var{netdevid}[,chain=@var{all|in|out}][,interval=@var{t}] >> >> Buffer network packets on netdev @var{netdevid}. >> [...] >> chain @var{all|in|out} is an option that can be applied to any >> netfilter, default is @option{all}. >> >> @option{all} means this filter will receive packets both sent >> to/from the netdev >> >> @option{in} means this filter will receive packets sent to the netdev >> >> @option{out} means this filter will receive packets sent from the netdev >> >> In that context, "chain" makes more sense. I'd still call it "queue". >> Precedence: -netdev parameter "queues". If I understand correctly, >> queues=N asks for N rx and tx queues. A filter would either apply to >> all N rx queues, all N tx queues, or all 2*N queues. Correct? >> >> [...] > > Yes. I think "queue=rx", "queue=tx" and "queue=all" would make the most sense. Unless there are more queues than rx and rx; then we'd have to reconsider "queue=all". Call the enumeration type NetFilterDirection instead of NetFilterChain.