From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:47967) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ZL1hl-0004gZ-Bg for qemu-devel@nongnu.org; Fri, 31 Jul 2015 00:13:58 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ZL1hh-0006tO-Bm for qemu-devel@nongnu.org; Fri, 31 Jul 2015 00:13:57 -0400 Received: from [59.151.112.132] (port=14261 helo=heian.cn.fujitsu.com) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ZL1hf-0006sZ-O5 for qemu-devel@nongnu.org; Fri, 31 Jul 2015 00:13:53 -0400 From: Yang Hongyang Date: Fri, 31 Jul 2015 12:13:25 +0800 Message-ID: <1438316014-8369-1-git-send-email-yanghy@cn.fujitsu.com> MIME-Version: 1.0 Content-Type: text/plain Subject: [Qemu-devel] [PATCH v2 0/9] For QEMU 2.5: Add a netfilter object and netbuffer filter List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: qemu-devel@nongnu.org Cc: thuth@redhat.com, zhang.zhanghailiang@huawei.com, lizhijian@cn.fujitsu.com, jasowang@redhat.com, mrhines@linux.vnet.ibm.com, stefanha@redhat.com, Yang Hongyang This patch add a new object netfilter, capture all network packets. Also implement a netbuffer based on this object. the "buffer" netfilter could be used by VM FT solutions like MicroCheckpointing, to buffer/release packets. Or to simulate packet delay. Most of the changes of v2 are from Jason's comments. You can also get the series from: https://github.com/macrosheep/qemu/tree/netfilter-v2 Usage: -netdev tap,id=bn0 -netfilter buffer,id=f0,netdev=bn0,chain=in,interval=1000 -device e1000,netdev=bn0 dynamically add/remove netfilters: netfilter_add buffer,id=f0,netdev=bn0,chain=in,interval=1000 netfilter_del f0 NOTE: interval's scale is microsecond. chain is optional, and is one of in|out|all, default is "all". "in" means this filter will receive packets sent to the @netdev "out" means this filter will receive packets sent from the @netdev "all" means this filter will receive packets both sent to/from the @netdev TODO: - multiqueue support - dump v2: - add a chain option to netfilter object - move the hook place earlier, before net_queue_send - drop the unused api in buffer filter - squash buffer filter patches into one - remove receive() api from netfilter, only receive_iov() is enough - addressed comments from Jason&Thomas v1: initial patch. Yang Hongyang (9): net: add a new object netfilter init/cleanup of netfilter object netfilter: add netfilter_{add|del} commands net: add/remove filters from network backend netfilter: hook packets before net queue send net/queue: export qemu_net_queue_append_iov move out net queue structs define netfilter: add a netbuffer filter filter/buffer: update command description and help hmp-commands.hx | 30 ++++++ hmp.c | 29 ++++++ hmp.h | 4 + include/net/filter.h | 55 +++++++++++ include/net/net.h | 8 ++ include/net/queue.h | 26 +++++ include/qemu/typedefs.h | 1 + include/sysemu/sysemu.h | 1 + monitor.c | 33 +++++++ net/Makefile.objs | 2 + net/filter-buffer.c | 160 ++++++++++++++++++++++++++++++ net/filter.c | 251 ++++++++++++++++++++++++++++++++++++++++++++++++ net/filters.h | 17 ++++ net/net.c | 105 +++++++++++++++++++- net/queue.c | 31 ++---- qapi-schema.json | 100 +++++++++++++++++++ qemu-options.hx | 4 + qmp-commands.hx | 57 +++++++++++ vl.c | 13 +++ 19 files changed, 901 insertions(+), 26 deletions(-) create mode 100644 include/net/filter.h create mode 100644 net/filter-buffer.c create mode 100644 net/filter.c create mode 100644 net/filters.h -- 1.9.1