Re: [PATCH v5 3/4] net/filter.c: Add Options to insert filters anywhere in the filter list

[Lukas Straub]

On Thu, 26 Sep 2019 17:02:58 +0000
"Zhang, Chen" <address@hidden> wrote:
> > diff --git a/qemu-options.hx b/qemu-options.hx index
> > 08749a3391..23fa5a344e 100644
> > --- a/qemu-options.hx
> > +++ b/qemu-options.hx
> > @@ -4368,7 +4368,7 @@ applications, they can do this through this
> > parameter. Its format is  a gnutls priority string as described at
> > @url{https://gnutls.org/manual/html_node/Priority-Strings.html}.
> >
> > -@item -object filter-
> > buffer,id=@var{id},netdev=@var{netdevid},interval=@var{t}[,queue=@var{
> > all|rx|tx}][,status=@var{on|off}]
> > +@item -object
> > +filter-buffer,id=@var{id},netdev=@var{netdevid},interval=@var{t}[,queue
> > +=@var{all|rx|tx}][,status=@var{on|off}][,position=@var{head|tail|id=<id
> > +>}][,insert=@var{behind|before}]
> >
> >  Interval @var{t} can't be 0, this filter batches the packet delivery: all  
> > packets
> > arriving in a given interval on netdev @var{netdevid} are delayed @@ -
> > 4387,11 +4387,11 @@ queue @var{all|rx|tx} is an option that can be applied
> > to any netfilter.
> >  @option{tx}: the filter is attached to the transmit queue of the netdev,
> >               where it will receive packets sent by the netdev.
> >
> > -@item -object filter-
> > mirror,id=@var{id},netdev=@var{netdevid},outdev=@var{chardevid},queue
> > =@var{all|rx|tx}[,vnet_hdr_support]
> > +@item -object
> > +filter-mirror,id=@var{id},netdev=@var{netdevid},outdev=@var{chardevid},
> > +queue=@var{all|rx|tx}[,vnet_hdr_support][,position=@var{head|tail|id=<
> > i
> > +d>}][,insert=@var{behind|before}]
> >
> >  filter-mirror on netdev @var{netdevid},mirror net packet to
> > chardev@var{chardevid}, if it has the vnet_hdr_support flag, filter-mirror 
> > will
> > mirror packet with vnet_hdr_len.
> >
>
> Please add description for the newly added parameter in each filter.
> After that:
> Reviewed-by: Zhang Chen <address@hidden>
>
> Thanks
> Zhang Chen

Hi,
I will add a single description like its currently done with the "queue" 
option, noting that
it applies to any netfilter. Is that Ok?

Regards,
Lukas Straub

>
> > -@item -object filter-
> > redirector,id=@var{id},netdev=@var{netdevid},indev=@var{chardevid},out
> > dev=@var{chardevid},queue=@var{all|rx|tx}[,vnet_hdr_support]
> > +@item -object
> > +filter-redirector,id=@var{id},netdev=@var{netdevid},indev=@var{chardevi
> > +d},outdev=@var{chardevid},queue=@var{all|rx|tx}[,vnet_hdr_support][,p
> > os
> > +ition=@var{head|tail|id=<id>}][,insert=@var{behind|before}]
> >
> >  filter-redirector on netdev @var{netdevid},redirect filter's net packet to
> > chardev  @var{chardevid},and redirect indev's packet to filter.if it has the
> > vnet_hdr_support flag, @@ -4400,7 +4400,7 @@ Create a filter-redirector
> > we need to differ outdev id from indev id, id can not  be the same. we can
> > just use indev or outdev, but at least one of indev or outdev  need to be
> > specified.
> >
> > -@item -object filter-
> > rewriter,id=@var{id},netdev=@var{netdevid},queue=@var{all|rx|tx},[vnet_
> > hdr_support]
> > +@item -object
> > +filter-rewriter,id=@var{id},netdev=@var{netdevid},queue=@var{all|rx|tx}
> > +,[vnet_hdr_support][,position=@var{head|tail|id=<id>}][,insert=@var{beh
> > +ind|before}]
> >
> >  Filter-rewriter is a part of COLO project.It will rewrite tcp packet to
> > secondary from primary to keep secondary tcp connection,and rewrite @@ -
> > 4413,7 +4413,7 @@ colo secondary:
> >  -object filter-redirector,id=f2,netdev=hn0,queue=rx,outdev=red1
> >  -object filter-rewriter,id=rew0,netdev=hn0,queue=all
> >
> > -@item -object filter-
> > dump,id=@var{id},netdev=@var{dev}[,file=@var{filename}][,maxlen=@var{
> > len}]
> > +@item -object
> > +filter-
> > dump,id=@var{id},netdev=@var{dev}[,file=@var{filename}][,maxlen=
> > +@var{len}][,position=@var{head|tail|id=<id>}][,insert=@var{behind|befor
> > +e}]
> >
> >  Dump the network traffic on netdev @var{dev} to the file specified by
> > @var{filename}. At most @var{len} bytes (64k by default) per packet are
> > stored.
> > --
> > 2.20.1
>