On 09/16/2015 08:15 PM, Yang Hongyang wrote: > This patch add an netfilter abstract object, captures all network packets > on associated netdev. Also implement a concrete filter buffer based on > this abstract object. the "buffer" netfilter could be used by VM FT solutions > like MicroCheckpointing, to buffer/release packets. Or to simulate > packet delay. > > You can also get the series from: > https://github.com/macrosheep/qemu/tree/netfilter-v11 > > Usage: > -netdev tap,id=bn0 > -device e1000,netdev=bn0 > -object filter-buffer,id=f0,netdev=bn0,chain=in,interval=1000 > > dynamically add/remove netfilters: > object_add filter-buffer,id=f0,netdev=bn0,chain=in,interval=1000 > object_del f0 > > NOTE: > interval's scale is microsecond. > chain is optional, and is one of in|out|all, default is "all". > "in" means this filter will receive packets sent to the @netdev > "out" means this filter will receive packets sent from the @netdev > "all" means this filter will receive packets both sent to/from > the @netdev > > v11: > - address Jason&Daniel's comments > - add multiqueue support, the last 2 patches > - rebased to the latest master > > v10: > - Reimplemented using QOM (suggested by stefan) > - Do not export NetQueue internals (suggested by stefan) > - see individual patch for detail > > v9: > - squash command description and help to patch 1&3 > - qapi changes according to Markus&Eric's comments > - see individual patch for detail > > v8: > - some minor fixes according to Thomas's comments > - rebased to the latest master branch > > v7: > - print filter info when execute 'info network' > - addressed Jason's comments > > v6: > - add multiqueue support, please see individual patch for detail > > v5: > - add a sent_cb param to filter receive_iov api > - squash the 4th patch into patch 3 > - remove dummy sent_cb (buffer filter) > - addressed Jason's other comments, see individual patches for detail > > v4: > - get rid of struct Filter > - squash the 4th patch into patch 2 > - fix qemu_netfilter_pass_to_next_iov > - get rid of bh (buffer filter) > - release the packet to next filter instead of to receiver (buffer filter) > > v3: > - add an api to pass the packet to next filter > - remove netfilters when delete netdev > - add qtest testcases for netfilter > - addressed comments from Jason > > v2: > - add a chain option to netfilter object > - move the hook place earlier, before net_queue_send > - drop the unused api in buffer filter > - squash buffer filter patches into one > - remove receive() api from netfilter, only receive_iov() is enough > - addressed comments from Jason&Thomas > > v1: > initial patch. > > Yang Hongyang (12): > qmp: delete qemu opts when delete an object > init/cleanup of netfilter object > netfilter: hook packets before net queue send > net: merge qemu_deliver_packet and qemu_deliver_packet_iov > net/queue: introduce NetQueueDeliverFunc > netfilter: add an API to pass the packet to next filter > netfilter: print filter info associate with the netdev > net/queue: export qemu_net_queue_append_iov > netfilter: add a netbuffer filter > tests: add test cases for netfilter object > netfilter/multiqueue: introduce netfilter name > netfilter: add multiqueue support > > include/net/filter.h | 76 ++++++++++++ > include/net/net.h | 6 +- > include/net/queue.h | 20 +++- > include/qemu/typedefs.h | 1 + > net/Makefile.objs | 2 + > net/filter-buffer.c | 170 +++++++++++++++++++++++++++ > net/filter.c | 306 > ++++++++++++++++++++++++++++++++++++++++++++++++ > net/net.c | 108 +++++++++++++---- > net/queue.c | 24 ++-- > qapi-schema.json | 18 +++ > qemu-options.hx | 18 +++ > qmp.c | 4 + > tests/.gitignore | 1 + > tests/Makefile | 2 + > tests/test-netfilter.c | 200 +++++++++++++++++++++++++++++++ > vl.c | 18 ++- > 16 files changed, 927 insertions(+), 47 deletions(-) > create mode 100644 include/net/filter.h > create mode 100644 net/filter-buffer.c > create mode 100644 net/filter.c > create mode 100644 tests/test-netfilter.c >
Want to merge this. But have comments on patch 4 and multiqueue patches. I suggest to drop them in next version so I can merge to reduce the review iterations. Other optimizations and fixups could be done on top. Thanks
