Hi,

I’d like to use ALGs other than FTP (TFTP, and another one that I’m writing) 
and see several barriers in OVS that appear to be mostly artificial.
Here’s my understanding - please correct where necessary:

• the command-line parser will only allow “alg=ftp”, and if this is found it 
encodes FTP’s control port (21) in the OF message.
• there’s some code in ‘lib/ofp-actions.c’ that seems to allow use of other 
ports: ‘format_alg()’, but it doesn’t seem to be used anywhere.
• the code where the netlink message to the kernel is constructed 
(‘put_connhelper()’ in ofproto-dpif-xlate.c) converts the numeric 21, if found, 
into the string “ftp” and sends it to the kernel, and has an error for any 
other value.
• kernel code takes the string and does a lookup of registered conntrack 
helpers based on name.

I assume only FTP is allowed because it’s common and easy to test?  I don’t 
understand why there’s the intermediate numeric translation, since both ends 
(command line and kernel code) work with a string.  Why not allow an arbitrary 
string (with a length limit) to go all the way through?  Is the concern that 
it’s hard to properly return errors if an invalid string is entered?

I’ll get started on coding up a patch, but am really interested in 
understanding the design decision.

thanks,
Ben
_______________________________________________
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev
