[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH v11 02/12] init/cleanup of netfilter object
|
From: |
Yang Hongyang |
|
Subject: |
Re: [Qemu-devel] [PATCH v11 02/12] init/cleanup of netfilter object |
|
Date: |
Thu, 17 Sep 2015 09:23:14 +0800 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.5.0 |
Hi Eric,
On 09/17/2015 05:09 AM, Eric Blake wrote:
On 09/16/2015 06:15 AM, Yang Hongyang wrote:
Add a netfilter object based on QOM.
A netfilter is attached to a netdev, captures all network packets
that pass through the netdev. When we delete the netdev, we also
delete the netfilter object attached to it, because if the netdev is
removed, the filter which attached to it is useless.
QTAILQ_ENTRY next used by netdev, filter belongs to the specific netdev is
in this queue.
Also init delayed object after net_init_clients, because netfilters need
to be initialized after net clients initialized.
Signed-off-by: Yang Hongyang <address@hidden>
---
Interface review:
+++ b/qapi-schema.json
@@ -2551,6 +2551,24 @@
'opts': 'NetClientOptions' } }
##
+# @NetFilterChain
+#
+# netfilter chain, a netfilter is attached to a netdev, captures the
+# network packets of the netdev.
Grammar. Maybe:
This enum describes which packets are being tracked by a netfilter chain
attached as a filter to a netdev object.
Thanks!
+#
+# @all: the filter will receive packets both sent to/from the netdev, this
+# is the default chain.
+#
+# @in: the filter will receive packets sent to the netdev.
+#
+# @out: the filter will receive packets sent from the netdev.
+#
+# Since 2.5
+##
+{ 'enum': 'NetFilterChain',
+ 'data': [ 'all', 'in', 'out' ] }
I don't see any other QMP usage of this enum anywhere in the series. Are
you planning on supporting QMP? If so, let's get that design discussion
started. If not, why not?
This series is based on QOM, so the QMP command for object_add
will use this enum, for example:
1 { "execute": "qmp_capabilities" }
2 { "execute": "object-add",
3 "arguments": { "qom-type": "filter-buffer",
4 "id": "f0",
5 "props": { "netdev": "bn0",
6 "chain": "in",
7 "interval": 2000 } } }
for hmp:
object_add filter-buffer,id=f0,netdev=bn0,chain=in,interval=1000
command options:
-object filter-buffer,id=f0,netdev=bn0,chain=in,interval=1000
In particular, you may want to base things on top of my work to make QMP
'netdev_add' a full-fledged introspectible command (still pending some
qapi commits landing upstream):
https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg02602.html
--
Thanks,
Yang.
[Qemu-devel] [PATCH v11 03/12] netfilter: hook packets before net queue send, Yang Hongyang, 2015/09/16
[Qemu-devel] [PATCH v11 02/12] init/cleanup of netfilter object, Yang Hongyang, 2015/09/16
Re: [Qemu-devel] [PATCH v11 02/12] init/cleanup of netfilter object, Markus Armbruster, 2015/09/24
Re: [Qemu-devel] [PATCH v11 02/12] init/cleanup of netfilter object, Yang Hongyang, 2015/09/24
Re: [Qemu-devel] [PATCH v11 02/12] init/cleanup of netfilter object, Markus Armbruster, 2015/09/24
Re: [Qemu-devel] [PATCH v11 02/12] init/cleanup of netfilter object, Jason Wang, 2015/09/25
Re: [Qemu-devel] [PATCH v11 02/12] init/cleanup of netfilter object, Markus Armbruster, 2015/09/25