On 02/24/2016 11:39 AM, Jason Wang wrote:
On 02/18/2016 03:50 PM, Zhang Chen wrote:
On 02/18/2016 10:41 AM, Jason Wang wrote:
On 02/05/2016 02:50 PM, Zhang Chen wrote:
From: ZhangChen <zhangchen.f...@cn.fujitsu.com>
Filter-redirector is a netfilter plugin.
It gives qemu the ability to redirect net packet.
redirector can redirect filter's net packet to outdev.
and redirect indev's packet to filter.
filter
+
|
|
redirector |
+-------------------------+
| | |
| | |
| | |
indev +----------------+ +----------------> outdev
| | |
| | |
| | |
+-------------------------+
|
|
v
filter
v
change it to filter ........ filter ...... guest
It's may more clearly expressed.
usage:
-netdev tap,id=hn0
-chardev socket,id=s0,host=ip_primary,port=X,server,nowait
-chardev socket,id=s1,host=ip_primary,port=Y,server,nowait
-filter-redirector,id=r0,netdev=hn0,queue=tx/rx/all,indev=s0,outdev=s1
Signed-off-by: ZhangChen <zhangchen.f...@cn.fujitsu.com>
Signed-off-by: Wen Congyang <we...@cn.fujitsu.com>
---
Thanks a lot for the patch. Like mirror, let's design a unit-test for
this. And what's more, is there any chance to unify the codes? (At least
parts of the codes could be reused).
We can make filter-redirector based on filter-mirror.
if you want to use redirector ,you must open mirror before.
like this:
-netdev tap,id=hn0
-chardev socket,id=mirror0,host=ip_primary,port=X,server,nowait
-filter-mirror,id=m0,netdev=hn0,queue=tx/rx/all,redirector=on,outdev=mirror0
-filter-redirector,id=r0,netdev=hn0,queue=tx/rx/all,indev=s0
How about this?
This looks like a burden for user who just want to use redirector. Maybe
we can do :
- Still two type of filters but sharing a single state.
- Using a internal flag to differ mirrors from redirectors?
Good idea~ I will change it in next version.
net/Makefile.objs | 1 +
net/filter-redirector.c | 245
++++++++++++++++++++++++++++++++++++++++++++++++
qemu-options.hx | 6 ++
vl.c | 3 +-
4 files changed, 254 insertions(+), 1 deletion(-)
create mode 100644 net/filter-redirector.c
diff --git a/net/Makefile.objs b/net/Makefile.objs
index 5fa2f97..f4290a5 100644
--- a/net/Makefile.objs
+++ b/net/Makefile.objs
@@ -15,3 +15,4 @@ common-obj-$(CONFIG_VDE) += vde.o
common-obj-$(CONFIG_NETMAP) += netmap.o
common-obj-y += filter.o
common-obj-y += filter-buffer.o
+common-obj-y += filter-redirector.o
diff --git a/net/filter-redirector.c b/net/filter-redirector.c
new file mode 100644
index 0000000..364e463
--- /dev/null
+++ b/net/filter-redirector.c
@@ -0,0 +1,245 @@
+/*
+ * Copyright (c) 2016 HUAWEI TECHNOLOGIES CO., LTD.
+ * Copyright (c) 2016 FUJITSU LIMITED
+ * Copyright (c) 2016 Intel Corporation
+ *
+ * Author: Zhang Chen <zhangchen.f...@cn.fujitsu.com>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or
+ * later. See the COPYING file in the top-level directory.
+ */
+
+#include "net/filter.h"
+#include "net/net.h"
+#include "qemu-common.h"
+#include "qapi/qmp/qerror.h"
+#include "qapi-visit.h"
+#include "qom/object.h"
+#include "qemu/main-loop.h"
+#include "qemu/error-report.h"
+#include "trace.h"
+#include "sysemu/char.h"
+#include "qemu/iov.h"
+#include "qemu/sockets.h"
+
+#define FILTER_REDIRECTOR(obj) \
+ OBJECT_CHECK(RedirectorState, (obj), TYPE_FILTER_REDIRECTOR)
+
+#define TYPE_FILTER_REDIRECTOR "filter-redirector"
+#define REDIRECT_HEADER_LEN sizeof(uint32_t)
+
+typedef struct RedirectorState {
+ NetFilterState parent_obj;
+ NetQueue *incoming_queue;/* guest normal net queue */
The comment looks unless and maybe even wrong when queue=rx?
We design redirector that indev's data always be passed to guest finally.
so, It's no relation between the queue=rx/tx/all. just related to
indev = xxx.
we need incoming_queue to inject packet from indev.
So what happens if queue=rx or you want to forbid queue=rx for redirector?
If queue=rx, filter-redirector will get the packet that guest send, then
redirect
to outdev(if none, do nothing). but queue=rx/tx/all not related to
indev. please
look the flow chart below. queue=xxx just work for one way(filter->outdev).
filter
+
|
|
redirector |
+-------------------------+
| | |
| | |
| | |
indev +----------------+ +----------------> outdev
| | |
| | |
| | |
+-------------------------+
|
|
v
filter
|
|
v
filter ........ filter ...... guest
.
--
Thanks
zhangchen
