From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:38116) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ZWE88-00031C-Dv for qemu-devel@nongnu.org; Sun, 30 Aug 2015 21:43:29 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ZWE83-0003sl-IM for qemu-devel@nongnu.org; Sun, 30 Aug 2015 21:43:28 -0400 Received: from [59.151.112.132] (port=46256 helo=heian.cn.fujitsu.com) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ZWE82-0003qf-Ol for qemu-devel@nongnu.org; Sun, 30 Aug 2015 21:43:23 -0400 Message-ID: <55E3B134.2000701@cn.fujitsu.com> Date: Mon, 31 Aug 2015 09:43:16 +0800 From: Yang Hongyang MIME-Version: 1.0 References: <1440583182-5828-1-git-send-email-yanghy@cn.fujitsu.com> <55DE80BC.4060305@redhat.com> In-Reply-To: <55DE80BC.4060305@redhat.com> Content-Type: text/plain; charset="windows-1252"; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: [Qemu-devel] [PATCH v8 00/11] Add a netfilter object and netbuffer filter List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Jason Wang , qemu-devel@nongnu.org Cc: thuth@redhat.com, zhang.zhanghailiang@huawei.com, lizhijian@cn.fujitsu.com, mrhines@linux.vnet.ibm.com, stefanha@redhat.com On 08/27/2015 11:15 AM, Jason Wang wrote: > > > On 08/26/2015 05:59 PM, Yang Hongyang wrote: >> This patch add a new object netfilter, capture all network packets. >> Also implement a netbuffer based on this object. >> the "buffer" netfilter could be used by VM FT solutions like >> MicroCheckpointing, to buffer/release packets. Or to simulate >> packet delay. >> >> You can also get the series from: >> https://github.com/macrosheep/qemu/tree/netfilter-v8 >> >> Usage: >> -netdev tap,id=bn0 >> -netfilter buffer,id=f0,netdev=bn0,chain=in,interval=1000 >> -device e1000,netdev=bn0 >> >> dynamically add/remove netfilters: >> netfilter_add buffer,id=f0,netdev=bn0,chain=in,interval=1000 >> netfilter_del f0 >> >> NOTE: >> interval's scale is microsecond. >> chain is optional, and is one of in|out|all, default is "all". >> "in" means this filter will receive packets sent to the @netdev >> "out" means this filter will receive packets sent from the @netdev >> "all" means this filter will receive packets both sent to/from >> the @netdev >> >> TODO: >> - dump >> >> v8: >> - some minor fixes according to Thomas's comments >> - rebased to the latest master branch >> >> v7: >> - print filter info when execute 'info network' >> - addressed Jason's comments >> >> v6: >> - add multiqueue support, please see individual patch for detail >> >> v5: >> - add a sent_cb param to filter receive_iov api >> - squash the 4th patch into patch 3 >> - remove dummy sent_cb (buffer filter) >> - addressed Jason's other comments, see individual patches for detail >> >> v4: >> - get rid of struct Filter >> - squash the 4th patch into patch 2 >> - fix qemu_netfilter_pass_to_next_iov >> - get rid of bh (buffer filter) >> - release the packet to next filter instead of to receiver (buffer filter) >> >> v3: >> - add an api to pass the packet to next filter >> - remove netfilters when delete netdev >> - add qtest testcases for netfilter >> - addressed comments from Jason >> >> v2: >> - add a chain option to netfilter object >> - move the hook place earlier, before net_queue_send >> - drop the unused api in buffer filter >> - squash buffer filter patches into one >> - remove receive() api from netfilter, only receive_iov() is enough >> - addressed comments from Jason&Thomas >> >> v1: >> initial patch. >> >> Yang Hongyang (11): >> net: add a new object netfilter >> init/cleanup of netfilter object >> netfilter: add netfilter_{add|del} commands >> netfilter: hook packets before net queue send >> move out net queue structs define >> netfilter: add an API to pass the packet to next filter >> netfilter: print filter info associate with the netdev >> net/queue: export qemu_net_queue_append_iov >> netfilter: add a netbuffer filter >> filter/buffer: update command description and help >> tests: add test cases for netfilter object >> >> hmp-commands.hx | 30 +++++ >> hmp.c | 29 +++++ >> hmp.h | 4 + >> include/net/filter.h | 64 ++++++++++ >> include/net/net.h | 1 + >> include/net/queue.h | 26 ++++ >> include/qemu/typedefs.h | 1 + >> include/sysemu/sysemu.h | 1 + >> monitor.c | 33 +++++ >> net/Makefile.objs | 2 + >> net/filter-buffer.c | 125 ++++++++++++++++++ >> net/filter.c | 332 ++++++++++++++++++++++++++++++++++++++++++++++++ >> net/filters.h | 17 +++ >> net/net.c | 85 +++++++++++++ >> net/queue.c | 31 +---- >> qapi-schema.json | 100 +++++++++++++++ >> qemu-options.hx | 17 +++ >> qmp-commands.hx | 57 +++++++++ >> tests/.gitignore | 1 + >> tests/Makefile | 2 + >> tests/test-netfilter.c | 194 ++++++++++++++++++++++++++++ >> vl.c | 13 ++ >> 22 files changed, 1140 insertions(+), 25 deletions(-) >> create mode 100644 include/net/filter.h >> create mode 100644 net/filter-buffer.c >> create mode 100644 net/filter.c >> create mode 100644 net/filters.h >> create mode 100644 tests/test-netfilter.c >> > > Looks good to me. After addressing comments of interfaces, I think it > was pretty ready to be merged. Thank you, I will address them asap. > > Thanks > . > -- Thanks, Yang.