qemu-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH] net/filter-redirector:Add filter-redirector

From: Zhang Chen
Subject: Re: [Qemu-devel] [PATCH] net/filter-redirector:Add filter-redirector
Date: Wed, 24 Feb 2016 17:03:25 +0800
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.5.1 


On 02/24/2016 11:39 AM, Jason Wang wrote:


On 02/18/2016 03:50 PM, Zhang Chen wrote:


On 02/18/2016 10:41 AM, Jason Wang wrote:

On 02/05/2016 02:50 PM, Zhang Chen wrote:

From: ZhangChen <address@hidden>

Filter-redirector is a netfilter plugin.
It gives qemu the ability to redirect net packet.
redirector can redirect filter's net packet to outdev.
and redirect indev's packet to filter.

                               filter
                                 +
                                 |
                                 |
                redirector       |
                 +-------------------------+
                 |               |         |
                 |               |         |
                 |               |         |
    indev +----------------+     +---------------->  outdev
                 |         |               |
                 |         |               |
                 |         |               |
                 +-------------------------+
                           |
                           |
                           v
                        filter

                                   v

change it to           filter ........ filter ...... guest
It's may more clearly expressed.


usage:

-netdev tap,id=hn0
-chardev socket,id=s0,host=ip_primary,port=X,server,nowait
-chardev socket,id=s1,host=ip_primary,port=Y,server,nowait
-filter-redirector,id=r0,netdev=hn0,queue=tx/rx/all,indev=s0,outdev=s1

Signed-off-by: ZhangChen <address@hidden>
Signed-off-by: Wen Congyang <address@hidden>
---

Thanks a lot for the patch. Like mirror, let's design a unit-test for
this. And what's more, is there any chance to unify the codes? (At least
parts of the codes could be reused).

We can make filter-redirector based on filter-mirror.
if you want to use redirector ,you must open mirror before.
like this:

-netdev tap,id=hn0
-chardev socket,id=mirror0,host=ip_primary,port=X,server,nowait
-filter-mirror,id=m0,netdev=hn0,queue=tx/rx/all,redirector=on,outdev=mirror0

-filter-redirector,id=r0,netdev=hn0,queue=tx/rx/all,indev=s0

How about this?

This looks like a burden for user who just want to use redirector. Maybe
we can do :

- Still two type of filters but sharing a single state.
- Using a internal flag to differ mirrors from redirectors?


Good idea~ I will change it in next version.






   net/Makefile.objs       |   1 +
   net/filter-redirector.c | 245
++++++++++++++++++++++++++++++++++++++++++++++++
   qemu-options.hx         |   6 ++
   vl.c                    |   3 +-
   4 files changed, 254 insertions(+), 1 deletion(-)
   create mode 100644 net/filter-redirector.c

diff --git a/net/Makefile.objs b/net/Makefile.objs
index 5fa2f97..f4290a5 100644
--- a/net/Makefile.objs
+++ b/net/Makefile.objs
@@ -15,3 +15,4 @@ common-obj-$(CONFIG_VDE) += vde.o
   common-obj-$(CONFIG_NETMAP) += netmap.o
   common-obj-y += filter.o
   common-obj-y += filter-buffer.o
+common-obj-y += filter-redirector.o
diff --git a/net/filter-redirector.c b/net/filter-redirector.c
new file mode 100644
index 0000000..364e463
--- /dev/null
+++ b/net/filter-redirector.c
@@ -0,0 +1,245 @@
+/*
+ * Copyright (c) 2016 HUAWEI TECHNOLOGIES CO., LTD.
+ * Copyright (c) 2016 FUJITSU LIMITED
+ * Copyright (c) 2016 Intel Corporation
+ *
+ * Author: Zhang Chen <address@hidden>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or
+ * later.  See the COPYING file in the top-level directory.
+ */
+
+#include "net/filter.h"
+#include "net/net.h"
+#include "qemu-common.h"
+#include "qapi/qmp/qerror.h"
+#include "qapi-visit.h"
+#include "qom/object.h"
+#include "qemu/main-loop.h"
+#include "qemu/error-report.h"
+#include "trace.h"
+#include "sysemu/char.h"
+#include "qemu/iov.h"
+#include "qemu/sockets.h"
+
+#define FILTER_REDIRECTOR(obj) \
+    OBJECT_CHECK(RedirectorState, (obj), TYPE_FILTER_REDIRECTOR)
+
+#define TYPE_FILTER_REDIRECTOR "filter-redirector"
+#define REDIRECT_HEADER_LEN sizeof(uint32_t)
+
+typedef struct RedirectorState {
+    NetFilterState parent_obj;
+    NetQueue *incoming_queue;/* guest normal net queue */

The comment looks unless and maybe even wrong when queue=rx?

We design redirector that indev's data always be passed to guest finally.
so, It's no relation between the queue=rx/tx/all. just related to
indev = xxx.
we need incoming_queue to inject packet from indev.

So what happens if queue=rx or you want to forbid queue=rx for redirector?
If queue=rx, filter-redirector will get the packet that guest send, then redirect to outdev(if none, do nothing). but queue=rx/tx/all not related to indev. please 
look the flow chart below. queue=xxx just work for one way(filter->outdev).

                              filter
                                +
                                |
                                |
               redirector       |
                +-------------------------+
                |               |         |
                |               |         |
                |               |         |
   indev +----------------+     +---------------->  outdev
                |         |               |
                |         |               |
                |         |               |
                +-------------------------+
                          |
                          |
                          v
                       filter

                          |

                          |

                          v
                       filter ........ filter ...... guest



.



--
Thanks
zhangchen
reply via email to
[Prev in Thread] Current Thread [Next in Thread]