Re: [Qemu-devel] [PATCH v11 02/12] init/cleanup of netfilter object

Fri, 25 Sep 2015 07:35:45 -0700 

Jason Wang <jasow...@redhat.com> writes:

> On 09/24/2015 07:52 PM, Markus Armbruster wrote:
>> Yang Hongyang <yan...@cn.fujitsu.com> writes:
>>
>>> On 09/24/2015 04:41 PM, Markus Armbruster wrote:
>>>> Yang Hongyang <yan...@cn.fujitsu.com> writes:
[...]
>>>>> diff --git a/qapi-schema.json b/qapi-schema.json
>>>>> index 2bada60..546500a 100644
>>>>> --- a/qapi-schema.json
>>>>> +++ b/qapi-schema.json
>>>>> @@ -2551,6 +2551,24 @@
>>>>>       'opts': 'NetClientOptions' } }
>>>>>
>>>>>   ##
>>>>> +# @NetFilterChain
>>>>> +#
>>>>> +# netfilter chain, a netfilter is attached to a netdev, captures the
>>>>> +# network packets of the netdev.
>>>>> +#
>>>>> +# @all: the filter will receive packets both sent to/from the netdev, 
>>>>> this
>>>>> +#       is the default chain.
>>>>> +#
>>>>> +# @in: the filter will receive packets sent to the netdev.
>>>>> +#
>>>>> +# @out: the filter will receive packets sent from the netdev.
>>>> Uh, inhowfar is this a "chain"?  As far as I can tell, it specifies
>>>> whether a netfilter is attached to the transmit queue, the receive
>>>> queue, or both.
>>> netback's input chain or output chain, queue is mostly like a word that
>>> related to the code implementation? English is not my first language, so
>>> I'm not sure about this.
>> Don't worry, we'll get the language polished together :)
>>
>> In PATCH 9, I learned how this is to be used:
>>
>>     @item -object
>> filter-buffer,id=@var{id},netdev=@var{netdevid}[,chain=@var{all|in|out}][,interval=@var{t}]
>>
>>     Buffer network packets on netdev @var{netdevid}.
>> [...]
>>     chain @var{all|in|out} is an option that can be applied to any
>> netfilter, default is @option{all}.
>>
>>     @option{all} means this filter will receive packets both sent
>> to/from the netdev
>>
>>     @option{in} means this filter will receive packets sent to the netdev
>>
>>     @option{out} means this filter will receive packets sent from the netdev
>>
>> In that context, "chain" makes more sense.  I'd still call it "queue".
>> Precedence: -netdev parameter "queues".  If I understand correctly,
>> queues=N asks for N rx and tx queues.  A filter would either apply to
>> all N rx queues, all N tx queues, or all 2*N queues.  Correct?
>>
>> [...]
>
> Yes.

I think "queue=rx", "queue=tx" and "queue=all" would make the most
sense.  Unless there are more queues than rx and rx; then we'd have to
reconsider "queue=all".

Call the enumeration type NetFilterDirection instead of NetFilterChain.

Reply via email to