From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:34336) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ZgRI2-00011r-A0 for qemu-devel@nongnu.org; Mon, 28 Sep 2015 01:47:55 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ZgRHz-0005RJ-2S for qemu-devel@nongnu.org; Mon, 28 Sep 2015 01:47:54 -0400 Received: from mx1.redhat.com ([209.132.183.28]:32777) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ZgRHy-0005RC-RB for qemu-devel@nongnu.org; Mon, 28 Sep 2015 01:47:51 -0400 References: <1442405768-23019-1-git-send-email-yanghy@cn.fujitsu.com> <1442405768-23019-3-git-send-email-yanghy@cn.fujitsu.com> <87oagsryyg.fsf@blackfin.pond.sub.org> <5603BB0D.80302@cn.fujitsu.com> <87twqkm3uj.fsf@blackfin.pond.sub.org> <5604ED7C.7050107@redhat.com> <87fv2237yv.fsf@blackfin.pond.sub.org> From: Jason Wang Message-ID: <5608D485.5040106@redhat.com> Date: Mon, 28 Sep 2015 13:47:49 +0800 MIME-Version: 1.0 In-Reply-To: <87fv2237yv.fsf@blackfin.pond.sub.org> Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit Subject: Re: [Qemu-devel] [PATCH v11 02/12] init/cleanup of netfilter object List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Markus Armbruster Cc: thuth@redhat.com, zhang.zhanghailiang@huawei.com, lizhijian@cn.fujitsu.com, qemu-devel@nongnu.org, stefanha@redhat.com, Yang Hongyang On 09/25/2015 10:10 PM, Markus Armbruster wrote: > Jason Wang writes: > >> On 09/24/2015 07:52 PM, Markus Armbruster wrote: >>> Yang Hongyang writes: >>> >>>> On 09/24/2015 04:41 PM, Markus Armbruster wrote: >>>>> Yang Hongyang writes: > [...] >>>>>> diff --git a/qapi-schema.json b/qapi-schema.json >>>>>> index 2bada60..546500a 100644 >>>>>> --- a/qapi-schema.json >>>>>> +++ b/qapi-schema.json >>>>>> @@ -2551,6 +2551,24 @@ >>>>>> 'opts': 'NetClientOptions' } } >>>>>> >>>>>> ## >>>>>> +# @NetFilterChain >>>>>> +# >>>>>> +# netfilter chain, a netfilter is attached to a netdev, captures the >>>>>> +# network packets of the netdev. >>>>>> +# >>>>>> +# @all: the filter will receive packets both sent to/from the netdev, this >>>>>> +# is the default chain. >>>>>> +# >>>>>> +# @in: the filter will receive packets sent to the netdev. >>>>>> +# >>>>>> +# @out: the filter will receive packets sent from the netdev. >>>>> Uh, inhowfar is this a "chain"? As far as I can tell, it specifies >>>>> whether a netfilter is attached to the transmit queue, the receive >>>>> queue, or both. >>>> netback's input chain or output chain, queue is mostly like a word that >>>> related to the code implementation? English is not my first language, so >>>> I'm not sure about this. >>> Don't worry, we'll get the language polished together :) >>> >>> In PATCH 9, I learned how this is to be used: >>> >>> @item -object >>> filter-buffer,id=@var{id},netdev=@var{netdevid}[,chain=@var{all|in|out}][,interval=@var{t}] >>> >>> Buffer network packets on netdev @var{netdevid}. >>> [...] >>> chain @var{all|in|out} is an option that can be applied to any >>> netfilter, default is @option{all}. >>> >>> @option{all} means this filter will receive packets both sent >>> to/from the netdev >>> >>> @option{in} means this filter will receive packets sent to the netdev >>> >>> @option{out} means this filter will receive packets sent from the netdev >>> >>> In that context, "chain" makes more sense. I'd still call it "queue". >>> Precedence: -netdev parameter "queues". If I understand correctly, >>> queues=N asks for N rx and tx queues. A filter would either apply to >>> all N rx queues, all N tx queues, or all 2*N queues. Correct? >>> >>> [...] >> Yes. > I think "queue=rx", "queue=tx" and "queue=all" would make the most > sense. Unless there are more queues than rx and rx; then we'd have to > reconsider "queue=all". > > Call the enumeration type NetFilterDirection instead of NetFilterChain. Ok, this sounds better.