From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:45070)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <jasowang@redhat.com>) id 1ZOjDJ-00048Q-C8
	for qemu-devel@nongnu.org; Mon, 10 Aug 2015 05:17:50 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <jasowang@redhat.com>) id 1ZOjDE-0003VQ-6N
	for qemu-devel@nongnu.org; Mon, 10 Aug 2015 05:17:49 -0400
Received: from mx1.redhat.com ([209.132.183.28]:47469)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <jasowang@redhat.com>) id 1ZOjDD-0003VH-UM
	for qemu-devel@nongnu.org; Mon, 10 Aug 2015 05:17:44 -0400
Message-ID: <55C86C30.8080604@redhat.com>
Date: Mon, 10 Aug 2015 17:17:36 +0800
From: Jason Wang <jasowang@redhat.com>
MIME-Version: 1.0
References: <1438915585-30367-1-git-send-email-yanghy@cn.fujitsu.com>
In-Reply-To: <1438915585-30367-1-git-send-email-yanghy@cn.fujitsu.com>
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: 7bit
Subject: Re: [Qemu-devel] [PATCH v6 00/10] For QEMU 2.5: Add a netfilter
 object and netbuffer filter
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Yang Hongyang <yanghy@cn.fujitsu.com>, qemu-devel@nongnu.org
Cc: thuth@redhat.com, zhang.zhanghailiang@huawei.com, lizhijian@cn.fujitsu.com, mrhines@linux.vnet.ibm.com, stefanha@redhat.com



On 08/07/2015 10:46 AM, Yang Hongyang wrote:
> Add multiqueue support in v6.
>
> This patch add a new object netfilter, capture all network packets.
> Also implement a netbuffer based on this object.
> the "buffer" netfilter could be used by VM FT solutions like
> MicroCheckpointing, to buffer/release packets. Or to simulate
> packet delay.
>
> You can also get the series from:
> https://github.com/macrosheep/qemu/tree/netfilter-v6
>
> Usage:
>  -netdev tap,id=bn0
>  -netfilter buffer,id=f0,netdev=bn0,chain=in,interval=1000
>  -device e1000,netdev=bn0
>
> dynamically add/remove netfilters:
>  netfilter_add buffer,id=f0,netdev=bn0,chain=in,interval=1000
>  netfilter_del f0
>
> NOTE:
>  interval's scale is microsecond.
>  chain is optional, and is one of in|out|all, default is "all".
>        "in" means this filter will receive packets sent to the @netdev
>        "out" means this filter will receive packets sent from the @netdev
>        "all" means this filter will receive packets both sent to/from
>              the @netdev
>
> TODO:
>  - dump
>
> v6:
>  - add multiqueue support, please see individual patch for detail
>
> v5:
>  - add a sent_cb param to filter receive_iov api
>  - squash the 4th patch into patch 3
>  - remove dummy sent_cb (buffer filter)
>  - addressed Jason's other comments, see individual patches for detail
>
> v4:
>  - get rid of struct Filter
>  - squash the 4th patch into patch 2
>  - fix qemu_netfilter_pass_to_next_iov
>  - get rid of bh (buffer filter)
>  - release the packet to next filter instead of to receiver (buffer filter)
>
> v3:
>  - add an api to pass the packet to next filter
>  - remove netfilters when delete netdev
>  - add qtest testcases for netfilter
>  - addressed comments from Jason
>
> v2:
>  - add a chain option to netfilter object
>  - move the hook place earlier, before net_queue_send
>  - drop the unused api in buffer filter
>  - squash buffer filter patches into one
>  - remove receive() api from netfilter, only receive_iov() is enough
>  - addressed comments from Jason&Thomas
>
> v1:
>  initial patch.
>
> Yang Hongyang (10):
>   net: add a new object netfilter
>   init/cleanup of netfilter object
>   netfilter: add netfilter_{add|del} commands
>   netfilter: hook packets before net queue send
>   move out net queue structs define
>   netfilter: add an API to pass the packet to next filter
>   net/queue: export qemu_net_queue_append_iov
>   netfilter: add a netbuffer filter
>   filter/buffer: update command description and help
>   tests: add test cases for netfilter object
>
>  hmp-commands.hx         |  30 +++++
>  hmp.c                   |  29 +++++
>  hmp.h                   |   4 +
>  include/net/filter.h    |  63 ++++++++++
>  include/net/net.h       |   1 +
>  include/net/queue.h     |  26 +++++
>  include/qemu/typedefs.h |   1 +
>  include/sysemu/sysemu.h |   1 +
>  monitor.c               |  33 ++++++
>  net/Makefile.objs       |   2 +
>  net/filter-buffer.c     | 126 ++++++++++++++++++++
>  net/filter.c            | 302 ++++++++++++++++++++++++++++++++++++++++++++++++
>  net/filters.h           |  17 +++
>  net/net.c               |  77 ++++++++++++
>  net/queue.c             |  31 +----
>  qapi-schema.json        | 100 ++++++++++++++++
>  qemu-options.hx         |   4 +
>  qmp-commands.hx         |  57 +++++++++
>  tests/.gitignore        |   1 +
>  tests/Makefile          |   2 +
>  tests/test-netfilter.c  | 194 +++++++++++++++++++++++++++++++
>  vl.c                    |  13 +++
>  22 files changed, 1089 insertions(+), 25 deletions(-)
>  create mode 100644 include/net/filter.h
>  create mode 100644 net/filter-buffer.c
>  create mode 100644 net/filter.c
>  create mode 100644 net/filters.h
>  create mode 100644 tests/test-netfilter.c
>

Thanks for the patches. Overall looks good to me, just have some minor
comments, see individual patches for details.

I think we need something like "info filter" to display filters
information, or just add them in "info network"