This patch adds a new object, netfilter, to capture all network packets.
It also implements a netbuffer based on this object.
The "buffer" netfilter could be used by VM FT solutions like
MicroCheckpointing to buffer/release packets, or to simulate
packet delay.

The changes in this version (v5) are according to comments from Jason.
See individual patches for detailed changes.

You can also get the series from:
https://github.com/macrosheep/qemu/tree/netfilter-v5

Usage:
 -netdev tap,id=bn0
 -netfilter buffer,id=f0,netdev=bn0,chain=in,interval=1000
 -device e1000,netdev=bn0

dynamically add/remove netfilters:
 netfilter_add buffer,id=f0,netdev=bn0,chain=in,interval=1000
 netfilter_del f0

NOTE:
 interval's scale is microsecond.
 chain is optional, and is one of in|out|all, default is "all".
   "in" means this filter will receive packets sent to the @netdev
   "out" means this filter will receive packets sent from the @netdev
   "all" means this filter will receive packets both sent to/from
         the @netdev

TODO:
 - multiqueue support
 - dump

v5:
 - add a sent_cb param to filter receive_iov api
 - squash the 4th patch into patch 3
 - remove dummy sent_cb (buffer filter)
 - addressed Jason's other comments, see individual patches for detail

v4:
 - get rid of struct Filter
 - squash the 4th patch into patch 2
 - fix qemu_netfilter_pass_to_next_iov
 - get rid of bh (buffer filter)
 - release the packet to next filter instead of to receiver
   (buffer filter)

v3:
 - add an api to pass the packet to next filter
 - remove netfilters when delete netdev
 - add qtest testcases for netfilter
 - addressed comments from Jason

v2:
 - add a chain option to netfilter object
 - move the hook place earlier, before net_queue_send
 - drop the unused api in buffer filter
 - squash buffer filter patches into one
 - remove receive() api from netfilter, only receive_iov() is enough
 - addressed comments from Jason&Thomas

v1:
 initial patch.

Yang Hongyang (10):
  net: add a new object netfilter
  init/cleanup of netfilter object
  netfilter: add netfilter_{add|del} commands
  netfilter: hook packets before net queue send
  move out net queue structs define
  netfilter: add an API to pass the packet to next filter
  net/queue: export qemu_net_queue_append_iov
  netfilter: add a netbuffer filter
  filter/buffer: update command description and help
  tests: add test cases for netfilter object

 hmp-commands.hx         |  30 ++++++
 hmp.c                   |  29 +++++
 hmp.h                   |   4 +
 include/net/filter.h    |  63 +++++++++++
 include/net/net.h       |   1 +
 include/net/queue.h     |  26 +++++
 include/qemu/typedefs.h |   1 +
 include/sysemu/sysemu.h |   1 +
 monitor.c               |  33 ++++++
 net/Makefile.objs       |   2 +
 net/filter-buffer.c     | 122 +++++++++++++++++++++
 net/filter.c            | 280 ++++++++++++++++++++++++++++++++++++++++++++++++
 net/filters.h           |  17 +++
 net/net.c               |  77 +++++++++++++
 net/queue.c             |  31 ++----
 qapi-schema.json        | 100 +++++++++++++++++
 qemu-options.hx         |   4 +
 qmp-commands.hx         |  57 ++++++++++
 tests/.gitignore        |   1 +
 tests/Makefile          |   2 +
 tests/test-netfilter.c  | 194 +++++++++++++++++++++++++++++++++
 vl.c                    |  13 +++
 22 files changed, 1063 insertions(+), 25 deletions(-)
 create mode 100644 include/net/filter.h
 create mode 100644 net/filter-buffer.c
 create mode 100644 net/filter.c
 create mode 100644 net/filters.h
 create mode 100644 tests/test-netfilter.c

-- 
1.9.1