[Qemu-devel] [PATCH v5 00/10] For QEMU 2.5: Add a netfilter object and netbuffer filter

[Yang Hongyang <yanghy@cn.fujitsu.com>]

This patch add a new object netfilter, capture all network packets.
Also implement a netbuffer based on this object.
the "buffer" netfilter could be used by VM FT solutions like
MicroCheckpointing, to buffer/release packets. Or to simulate
packet delay.

The changes of this version v5 are according to comments from Jason.
See individual patch for detailed changes.
You can also get the series from:
https://github.com/macrosheep/qemu/tree/netfilter-v5

Usage:
 -netdev tap,id=bn0
 -netfilter buffer,id=f0,netdev=bn0,chain=in,interval=1000
 -device e1000,netdev=bn0

dynamically add/remove netfilters:
 netfilter_add buffer,id=f0,netdev=bn0,chain=in,interval=1000
 netfilter_del f0

NOTE:
 interval's scale is microsecond.
 chain is optional, and is one of in|out|all, default is "all".
       "in" means this filter will receive packets sent to the @netdev
       "out" means this filter will receive packets sent from the @netdev
       "all" means this filter will receive packets both sent to/from
             the @netdev

TODO:
 - multiqueue support
 - dump

v5:
 - add a sent_cb param to filter receive_iov api
 - squash the 4th patch into patch 3
 - remove dummy sent_cb (buffer filter)
 - addressed Jason's other comments, see individual patches for detail

v4:
 - get rid of struct Filter
 - squash the 4th patch into patch 2
 - fix qemu_netfilter_pass_to_next_iov
 - get rid of bh (buffer filter)
 - release the packet to next filter instead of to receiver (buffer filter)

v3:
 - add an api to pass the packet to next filter
 - remove netfilters when delete netdev
 - add qtest testcases for netfilter
 - addressed comments from Jason

v2:
 - add a chain option to netfilter object
 - move the hook place earlier, before net_queue_send
 - drop the unused api in buffer filter
 - squash buffer filter patches into one
 - remove receive() api from netfilter, only receive_iov() is enough
 - addressed comments from Jason&Thomas

v1:
 initial patch.

Yang Hongyang (10):
  net: add a new object netfilter
  init/cleanup of netfilter object
  netfilter: add netfilter_{add|del} commands
  netfilter: hook packets before net queue send
  move out net queue structs define
  netfilter: add an API to pass the packet to next filter
  net/queue: export qemu_net_queue_append_iov
  netfilter: add a netbuffer filter
  filter/buffer: update command description and help
  tests: add test cases for netfilter object

 hmp-commands.hx         |  30 ++++++
 hmp.c                   |  29 +++++
 hmp.h                   |   4 +
 include/net/filter.h    |  63 +++++++++++
 include/net/net.h       |   1 +
 include/net/queue.h     |  26 +++++
 include/qemu/typedefs.h |   1 +
 include/sysemu/sysemu.h |   1 +
 monitor.c               |  33 ++++++
 net/Makefile.objs       |   2 +
 net/filter-buffer.c     | 122 +++++++++++++++++++++
 net/filter.c            | 280 ++++++++++++++++++++++++++++++++++++++++++++++++
 net/filters.h           |  17 +++
 net/net.c               |  77 +++++++++++++
 net/queue.c             |  31 ++----
 qapi-schema.json        | 100 +++++++++++++++++
 qemu-options.hx         |   4 +
 qmp-commands.hx         |  57 ++++++++++
 tests/.gitignore        |   1 +
 tests/Makefile          |   2 +
 tests/test-netfilter.c  | 194 +++++++++++++++++++++++++++++++++
 vl.c                    |  13 +++
 22 files changed, 1063 insertions(+), 25 deletions(-)
 create mode 100644 include/net/filter.h
 create mode 100644 net/filter-buffer.c
 create mode 100644 net/filter.c
 create mode 100644 net/filters.h
 create mode 100644 tests/test-netfilter.c

-- 
1.9.1