[Qemu-devel] [PATCH v7 00/11] Add a netfilter object and netbuffer filter

[Yang Hongyang <yanghy@cn.fujitsu.com>]

This patch add a new object netfilter, capture all network packets.
Also implement a netbuffer based on this object.
the "buffer" netfilter could be used by VM FT solutions like
MicroCheckpointing, to buffer/release packets. Or to simulate
packet delay.

You can also get the series from:
https://github.com/macrosheep/qemu/tree/netfilter-v7

Usage:
 -netdev tap,id=bn0
 -netfilter buffer,id=f0,netdev=bn0,chain=in,interval=1000
 -device e1000,netdev=bn0

dynamically add/remove netfilters:
 netfilter_add buffer,id=f0,netdev=bn0,chain=in,interval=1000
 netfilter_del f0

NOTE:
 interval's scale is microsecond.
 chain is optional, and is one of in|out|all, default is "all".
       "in" means this filter will receive packets sent to the @netdev
       "out" means this filter will receive packets sent from the @netdev
       "all" means this filter will receive packets both sent to/from
             the @netdev

TODO:
 - dump

v7:
 - print filter info when execute 'info network'
 - addressed Jason's comments

v6:
 - add multiqueue support, please see individual patch for detail

v5:
 - add a sent_cb param to filter receive_iov api
 - squash the 4th patch into patch 3
 - remove dummy sent_cb (buffer filter)
 - addressed Jason's other comments, see individual patches for detail

v4:
 - get rid of struct Filter
 - squash the 4th patch into patch 2
 - fix qemu_netfilter_pass_to_next_iov
 - get rid of bh (buffer filter)
 - release the packet to next filter instead of to receiver (buffer filter)

v3:
 - add an api to pass the packet to next filter
 - remove netfilters when delete netdev
 - add qtest testcases for netfilter
 - addressed comments from Jason

v2:
 - add a chain option to netfilter object
 - move the hook place earlier, before net_queue_send
 - drop the unused api in buffer filter
 - squash buffer filter patches into one
 - remove receive() api from netfilter, only receive_iov() is enough
 - addressed comments from Jason&Thomas

v1:
 initial patch.

Yang Hongyang (11):
  net: add a new object netfilter
  init/cleanup of netfilter object
  netfilter: add netfilter_{add|del} commands
  netfilter: hook packets before net queue send
  move out net queue structs define
  netfilter: add an API to pass the packet to next filter
  netfilter: print filter info associate with the netdev
  net/queue: export qemu_net_queue_append_iov
  netfilter: add a netbuffer filter
  filter/buffer: update command description and help
  tests: add test cases for netfilter object

 hmp-commands.hx         |  30 +++++
 hmp.c                   |  29 +++++
 hmp.h                   |   4 +
 include/net/filter.h    |  64 ++++++++++
 include/net/net.h       |   1 +
 include/net/queue.h     |  26 ++++
 include/qemu/typedefs.h |   1 +
 include/sysemu/sysemu.h |   1 +
 monitor.c               |  33 +++++
 net/Makefile.objs       |   2 +
 net/filter-buffer.c     | 125 ++++++++++++++++++
 net/filter.c            | 333 ++++++++++++++++++++++++++++++++++++++++++++++++
 net/filters.h           |  17 +++
 net/net.c               |  85 ++++++++++++
 net/queue.c             |  31 +----
 qapi-schema.json        | 100 +++++++++++++++
 qemu-options.hx         |   4 +
 qmp-commands.hx         |  57 +++++++++
 tests/.gitignore        |   1 +
 tests/Makefile          |   2 +
 tests/test-netfilter.c  | 194 ++++++++++++++++++++++++++++
 vl.c                    |  13 ++
 22 files changed, 1128 insertions(+), 25 deletions(-)
 create mode 100644 include/net/filter.h
 create mode 100644 net/filter-buffer.c
 create mode 100644 net/filter.c
 create mode 100644 net/filters.h
 create mode 100644 tests/test-netfilter.c

-- 
1.9.1