Fix build with !CONFIG_NF_CONNTRACK_MARK && CONFIG_OPENVSWITCH_CONNTRACK
Fixes: 182e304 ("openvswitch: Allow matching on conntrack mark")
Reported-by: Simon Horman
Signed-off-by: Joe Stringer
---
net/openvswitch/conntrack.c | 17 ++---
1 file changed, 14 insertio
On 28 August 2015 at 16:57, Simon Horman wrote:
> On Wed, Aug 26, 2015 at 11:31:43AM -0700, Joe Stringer wrote:
>> The goal of this series is to allow OVS to send packets through the Linux
>> kernel connection tracker, and subsequently match on fields populated by
>> conntrac
the option. Compile the support if NF_CONNTRACK is enabled.
Fixes: 7f8a436eaa2c ("openvswitch: Add conntrack action")
Signed-off-by: Joe Stringer
---
net/openvswitch/Kconfig | 12 +---
net/openvswitch/Makefile| 4 +++-
net/openvswitch/conntrack.h | 4 ++--
3 files c
version of the kernel. This patch rectifies the situation by
rejecting such ct_state bits.
Fixes: 7f8a436 "openvswitch: Add conntrack action"
Signed-off-by: Joe Stringer
Acked-by: Pravin B Shelar
---
v2: Acked.
---
net/openvswitch/conntrack.h| 12
net/openvswitch/flow
flags that aren't currently supported.
Suggested-by: Ben Pfaff
Signed-off-by: Joe Stringer
---
v2: Use bitmask for internal representation of COMMIT.
---
include/uapi/linux/openvswitch.h | 14 --
net/openvswitch/conntrack.c | 13 ++---
2 files changed, 10 inserti
cover forward compatibility of the ABI for the foreseeable
future.
This patch also reorders the OVS_CS_F_* bits to be sequential.
Suggested-by: Jarno Rajahalme
Signed-off-by: Joe Stringer
Acked-by: Pravin B Shelar
---
v2: Acked.
---
include/uapi/linux/openvswitch.h | 8
net/openvswitch
These comments hadn't caught up to their implementations, fix them.
Fixes: 7f8a436 "openvswitch: Add conntrack action"
Signed-off-by: Joe Stringer
Acked-by: Pravin B Shelar
---
v2: Acked.
---
include/uapi/linux/openvswitch.h | 4 ++--
1 file changed, 2 insertions(+), 2 deletions
The ct action uses parts of the flow key, so we need to ensure that it
is valid before executing that action.
Fixes: 7f8a436 "openvswitch: Add conntrack action"
Signed-off-by: Joe Stringer
Acked-by: Pravin B Shelar
---
v2: Acked.
---
net/openvswitch/actions.c | 6 ++
1 file
If ovs_fragment() was unable to fragment the skb due to an L2 header
that exceeds the supported length, skbs would be leaked. Fix the bug.
Fixes: 7f8a436 "openvswitch: Add conntrack action"
Signed-off-by: Joe Stringer
---
v2: Drop if condition, return in success case.
---
net/o
flags within a 32-bit field,
simply use a netlink attribute as presence of the single flag that is
defined today. This also serves to reject unsupported ct action flag bits.
---
v2: Address minor style feedback, add acks.
v1: Initial post.
Joe Stringer (7):
openvswitch: Rename LABEL->LAB
Conntrack LABELS (plural) are exposed by conntrack; rename the OVS name
for these to be consistent with conntrack.
Signed-off-by: Joe Stringer
---
v2: Change ct_label struct names as well as constants.
---
include/uapi/linux/openvswitch.h | 12 +++
net/openvswitch/actions.c| 2
Conntrack LABELS (plural) are exposed by conntrack; rename the OVS name
for these to be consistent with conntrack.
Fixes: c2ac667 "openvswitch: Allow matching on conntrack label"
Signed-off-by: Joe Stringer
---
v3: Fix build with !CONFIG_NF_CONNTRACK
v2: Change ct_label struct names
Hi Pedro,
On Tue, Apr 6, 2021 at 11:58 AM Pedro Tammela wrote:
>
> In 'bpf_ringbuf_reserve()' we require the flag to '0' at the moment.
>
> For 'bpf_ringbuf_{discard,submit,output}' a flag of '0' might send a
> notification to the process if needed.
>
> Signed-off-by: Pedro Tammela
> ---
> incl
On 9 December 2014 at 10:32, Pravin Shelar wrote:
> On Tue, Dec 2, 2014 at 6:56 PM, Joe Stringer wrote:
>> @@ -662,11 +664,18 @@ static void get_dp_stats(const struct datapath *dp,
>> struct ovs_dp_stats *stats,
>> }
>> }
>>
>> -static si
On 9 December 2014 at 22:11, Pravin Shelar wrote:
> On Tue, Dec 9, 2014 at 4:25 PM, Joe Stringer wrote:
>> On 9 December 2014 at 10:32, Pravin Shelar wrote:
>>> On Tue, Dec 2, 2014 at 6:56 PM, Joe Stringer wrote:
>>>> @@ -424,10 +475,9 @@ static struct sw_f
ndo_gso_check() was recently introduced to allow NICs to report the
offloading support that they have on a per-skb basis. Add an
implementation for this driver which checks for IPIP, GRE, UDP tunnels.
Signed-off-by: Joe Stringer
---
v3: Drop IPIP and GRE (no driver support even though hw
On 2 December 2014 at 10:26, Jesse Gross wrote:
> On Mon, Dec 1, 2014 at 4:09 PM, Tom Herbert wrote:
>> On Mon, Dec 1, 2014 at 3:53 PM, Jesse Gross wrote:
>>> On Mon, Dec 1, 2014 at 3:47 PM, Tom Herbert wrote:
>>>> On Mon, Dec 1, 2014 at 3:35 PM, Joe Stringer
&g
>> > +#define MAX_TUNNEL_HDR_LEN 80
>>
>> I'd #define this just above the function, if not at the start of the
>> file...
Right, the style for most of this file is to place the #define like
this above the function. I'll do that.
--
To unsubscribe from this list: send the line "unsubscribe lin
On 4 December 2014 at 12:17, Tom Herbert wrote:
> On Thu, Dec 4, 2014 at 10:39 AM, Joe Stringer wrote:
>> ndo_gso_check() was recently introduced to allow NICs to report the
>> offloading support that they have on a per-skb basis. Add an
>> implementation for this driver
ndo_gso_check() was recently introduced to allow NICs to report the
offloading support that they have on a per-skb basis. Add an
implementation for this driver which checks for IPIP, GRE, UDP tunnels.
Signed-off-by: Joe Stringer
---
v4: Simplify the check to just do tunnel header length.
Fix
Use vxlan_gso_check() to advertise offload support for this NIC.
Signed-off-by: Joe Stringer
---
drivers/net/ethernet/broadcom/bnx2x/bnx2x_main.c |7 +++
1 file changed, 7 insertions(+)
diff --git a/drivers/net/ethernet/broadcom/bnx2x/bnx2x_main.c
b/drivers/net/ethernet/broadcom/bnx2x
Rework so that ovs_flow_tbl_insert() calls flow_{key,mask}_insert().
This tidies up a future patch.
Signed-off-by: Joe Stringer
---
net/openvswitch/flow_table.c | 21 ++---
1 file changed, 14 insertions(+), 7 deletions(-)
diff --git a/net/openvswitch/flow_table.c b/net
These minor tidyups make a future patch a little tidier.
Signed-off-by: Joe Stringer
---
net/openvswitch/flow_table.c | 20 +---
1 file changed, 9 insertions(+), 11 deletions(-)
diff --git a/net/openvswitch/flow_table.c b/net/openvswitch/flow_table.c
index 81b977d..9a3f41f
ut whether it is serializing a mask or not.
Signed-off-by: Joe Stringer
---
net/openvswitch/datapath.c | 41 ++--
net/openvswitch/flow_netlink.c | 38 ++---
net/openvswitch/flow_netlink.h |7 +--
3 files c
gs
enabled, the datapath only returns the UFID and statistics for each flow
during flow dump, increasing ovs-vswitchd revalidator performance by 40%
or more.
Signed-off-by: Joe Stringer
---
Documentation/networking/openvswitch.txt | 13 ++
include/uapi/linux/openvswitch.h | 2
The first user will be the next patch.
Signed-off-by: Joe Stringer
---
include/net/genetlink.h | 17 +
1 file changed, 17 insertions(+)
diff --git a/include/net/genetlink.h b/include/net/genetlink.h
index 8412508..fb2d2e6 100644
--- a/include/net/genetlink.h
+++ b/include/net
ed terse dumping and deleting by default
- Various fixes
RFCv3:
- Add datapath implementation
Joe Stringer (5):
openvswitch: Refactor ovs_nla_fill_match().
openvswitch: Refactor ovs_flow_tbl_insert().
openvswitch: Use sw_flow_key_range for key ranges.
genetlink: Add genlmsg_parse() helper
On 16 January 2015 at 00:07, Pravin Shelar wrote:
>> @@ -213,13 +223,15 @@ struct flow_stats {
>>
>> struct sw_flow {
>> struct rcu_head rcu;
>> - struct hlist_node hash_node[2];
>> - u32 hash;
>> + struct {
>> + struct hlist_node node[2];
>> +
/gmane.linux.network/332428/focus=333111
Signed-off-by: Joe Stringer
---
drivers/net/ethernet/mellanox/mlx4/en_netdev.c | 12
1 file changed, 12 insertions(+)
diff --git a/drivers/net/ethernet/mellanox/mlx4/en_netdev.c
b/drivers/net/ethernet/mellanox/mlx4/en_netdev.c
index f3032fe..aca9908
aders of up to 64 octets, perhaps there are other specifics that I've missed.
Joe Stringer (5):
be2net: Implement ndo_gso_check()
i40e: Implement ndo_gso_check()
fm10k: Implement ndo_gso_check()
net/mlx4_en: Implement ndo_gso_check()
qlcnic: Implement ndo_gso_check()
drivers/ne
://thread.gmane.org/gmane.linux.network/332428/focus=333111
Signed-off-by: Joe Stringer
---
drivers/net/ethernet/intel/i40e/i40e_main.c | 14 +-
1 file changed, 13 insertions(+), 1 deletion(-)
diff --git a/drivers/net/ethernet/intel/i40e/i40e_main.c
b/drivers/net/ethernet/intel/i40e
/gmane.linux.network/332428/focus=333111
Signed-off-by: Joe Stringer
---
Should this driver report support for GSO on packets with tunnel headers
up to 64B like the i40e driver does?
---
drivers/net/ethernet/intel/fm10k/fm10k_netdev.c | 12
1 file changed, 12 insertions(+)
diff --git a
/gmane.linux.network/332428/focus=333111
Signed-off-by: Joe Stringer
---
drivers/net/ethernet/qlogic/qlcnic/qlcnic_main.c | 12
1 file changed, 12 insertions(+)
diff --git a/drivers/net/ethernet/qlogic/qlcnic/qlcnic_main.c
b/drivers/net/ethernet/qlogic/qlcnic/qlcnic_main.c
index f5e29f7
/gmane.linux.network/332428/focus=333111
Signed-off-by: Joe Stringer
---
drivers/net/ethernet/emulex/benet/be_main.c | 12
1 file changed, 12 insertions(+)
diff --git a/drivers/net/ethernet/emulex/benet/be_main.c
b/drivers/net/ethernet/emulex/benet/be_main.c
index 9a18e79..bd52b8d 100644
On Wed, Nov 05, 2014 at 04:38:25PM -0500, David Miller wrote:
> From: Or Gerlitz
> Date: Wed, 5 Nov 2014 23:32:44 +0200
>
> > but fact is that the proposed patch series has the --same-- helper for
> > four drivers, so why not start with a that limited helper which would
> > be picked up by these
On Wed, Nov 05, 2014 at 06:54:00PM -0800, Alexander Duyck wrote:
> On 11/04/2014 01:56 PM, Joe Stringer wrote:
> > ndo_gso_check() was recently introduced to allow NICs to report the
> > offloading support that they have on a per-skb basis. Add an
> > implementation for thi
On Thu, Nov 06, 2014 at 10:41:15AM -0800, Joe Stringer wrote:
> On Wed, Nov 05, 2014 at 06:54:00PM -0800, Alexander Duyck wrote:
> > On 11/04/2014 01:56 PM, Joe Stringer wrote:
> > > ndo_gso_check() was recently introduced to allow NICs to report the
> > > offloading
On Thu, Nov 06, 2014 at 11:58:32PM +, Vick, Matthew wrote:
> On 11/5/14, 11:36 AM, "Jeff Kirsher" wrote:
>
> >On Wed, 2014-11-05 at 10:26 -0800, Joe Stringer wrote:
> >> On 5 November 2014 04:47, Jeff Kirsher
> >>wrote:
> >> >
> &
On Fri, 07 Nov 2014 14:20:08 Vick, Matthew wrote:
> On 11/6/14, 4:55 PM, "Joe Stringer" wrote:
> >On Thu, Nov 06, 2014 at 11:58:32PM +, Vick, Matthew wrote:
> >> On 11/5/14, 11:36 AM, "Jeff Kirsher"
> >>
> >>wrote:
> >> Hi Joe,
On Fri, 07 Nov 2014 14:07:36 Vick, Matthew wrote:
> On 11/6/14, 1:15 PM, "Joe Stringer" wrote:
> >Oh, I suppose we need to check the gso_type too. More like this?
> >
> >+static bool fm10k_gso_check(struct sk_buff *skb, struct net_device *dev)
> >+{
>
On Friday, November 07, 2014 11:49:38 Vick, Matthew wrote:
> On 11/6/14, 9:05 PM, "Joe Stringer" wrote:
> >Let's merge both discussions into one thread (pick here or there). We
> >have
> >this suggestion or the one which simply checks for tunnels and
> >
On 31 July 2015 at 19:08, Pravin Shelar wrote:
> On Thu, Jul 30, 2015 at 11:12 AM, Joe Stringer wrote:
>> +static void prepare_frag(struct vport *vport, struct sw_flow_key *key,
>> +struct sk_buff *skb)
>> +{
>> + unsigned int hlen =
The flags were ignored for this function when it was introduced. Also
fix the style problem in kzalloc.
Fixes: 0838aa7fc (netfilter: fix netns dependencies with conntrack
templates)
Signed-off-by: Joe Stringer
---
net/netfilter/nf_conntrack_core.c | 4 ++--
1 file changed, 2 insertions(+), 2
On 4 August 2015 at 18:34, Joe Stringer wrote:
> The flags were ignored for this function when it was introduced. Also
> fix the style problem in kzalloc.
>
> Fixes: 0838aa7fc (netfilter: fix netns dependencies with conntrack
> templates)
> Signed-off-by: Joe Stringer
s/net/n
On 1 August 2015 at 12:17, Thomas Graf wrote:
> On 07/31/15 at 10:51am, Joe Stringer wrote:
>> On 31 July 2015 at 07:34, Hannes Frederic Sowa wrote:
>> > In general, this shouldn't be necessary as the packet should already be
>> > scrubbed before they arrive here.
This will allow the ovs-conntrack code to reuse these macros.
Signed-off-by: Joe Stringer
Acked-by: Thomas Graf
---
net/openvswitch/actions.c | 52 ++
net/openvswitch/datapath.h | 4
2 files changed, 29 insertions(+), 27 deletions(-)
diff
header to apply to fragments
Various bits of refactoring, comments, styles, log improvements
Defer patch to scrub skb
Rebase
v1: First non-RFC post.
Fragment handling.
Conntrack label support.
Joe Stringer (8):
openvswitch: Serialize acts with original netlink len
Add functions to change connlabel length into nf_conntrack_labels.c so
they may be reused by other modules like OVS and nftables without
needing to jump through xt_match_check() hoops.
Suggested-by: Florian Westphal
Signed-off-by: Joe Stringer
---
v2: Protect connlabel modification with
->ct_label)
This will perform conntrack lookup in zone 1, then modify the label for
that entry. The conntrack entry itself must be committed using the
"commit" flag in the conntrack action flags for this change to persist.
Signed-off-by: Joe Stringer
---
v2: Split out setting the connl
original length when serializing.
Signed-off-by: Joe Stringer
Acked-by: Thomas Graf
---
net/openvswitch/datapath.c | 2 +-
net/openvswitch/flow.h | 1 +
net/openvswitch/flow_netlink.c | 1 +
3 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/net/openvswitch/datapath.c b/net
tcp,ct_state=-trk,action=ct(),recirc(1)
recirc_id=1,in_port=2,tcp,ct_state=+trk-new+est,action=1
recirc_id=1,in_port=2,tcp,ct_state=+trk+rel,action=1
Signed-off-by: Joe Stringer
---
include/uapi/linux/openvswitch.h | 1 +
net/openvswitch/conntrack.c |
U) size is tracked so that
refragmentation can occur during output.
IP frag handling contributed by Andy Zhou.
Signed-off-by: Joe Stringer
Signed-off-by: Justin Pettit
Signed-off-by: Andy Zhou
---
This can be tested with the corresponding userspace component here:
https://www.github.com/justinpettit
The following patches will reuse this code from OVS.
Signed-off-by: Joe Stringer
---
net/netfilter/nf_conntrack_labels.c | 2 --
1 file changed, 2 deletions(-)
diff --git a/net/netfilter/nf_conntrack_labels.c
b/net/netfilter/nf_conntrack_labels.c
index 06e71a0..3ce5c31 100644
--- a/net
ing
the "commit" flag in the conntrack action flags for this change to persist.
Signed-off-by: Justin Pettit
Signed-off-by: Joe Stringer
---
include/uapi/linux/openvswitch.h | 1 +
net/openvswitch/actions.c| 6 ++
net/openvswitch/conntrac
Signed-off-by: Joe Stringer
Acked-by: Thomas Graf
---
net/ipv6/netfilter/nf_conntrack_reasm.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/net/ipv6/netfilter/nf_conntrack_reasm.c
b/net/ipv6/netfilter/nf_conntrack_reasm.c
index 6d02498..701cd2b 100644
--- a/net/ipv6/netfilter
conntrack zone changes.
This functionality is enabled through the CONFIG_OPENVSWITCH_CONNTRACK option.
The branch below has been updated with the corresponding userspace pieces:
https://github.com/joestringer/ovs dev/ct_20150818
Joe Stringer (10):
openvswitch: Serialize acts with original netlink
Signed-off-by: Joe Stringer
Acked-by: Thomas Graf
Acked-by: Pravin B Shelar
---
v4: Add ack.
v5: No change.
---
net/ipv6/netfilter/nf_conntrack_reasm.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/net/ipv6/netfilter/nf_conntrack_reasm.c
b/net/ipv6/netfilter/nf_conntrack_reasm.c
index
Add functions to change connlabel length into nf_conntrack_labels.c so
they may be reused by other modules like OVS and nftables without
needing to jump through xt_match_check() hoops.
Suggested-by: Florian Westphal
Signed-off-by: Joe Stringer
Acked-by: Florian Westphal
Acked-by: Thomas Graf
The following patches will reuse this code from OVS.
Signed-off-by: Joe Stringer
Acked-by: Pravin B Shelar
Acked-by: Thomas Graf
---
v2-v4: No change.
v5: Add acks.
---
net/netfilter/nf_conntrack_labels.c | 2 --
1 file changed, 2 deletions(-)
diff --git a/net/netfilter/nf_conntrack_labels.c
after the lookup occurs for the CT action. The
conntrack entry itself must be committed using the COMMIT flag in the CT
action flags for this change to persist.
Signed-off-by: Justin Pettit
Signed-off-by: Joe Stringer
---
v1-v3: No change.
v4: Only allow setting conntrack mark via ct action
ort=1,tcp,action=ct(helper=ftp,commit),2
in_port=2,tcp,ct_state=-trk,action=ct(recirc)
in_port=2,tcp,ct_state=+trk-new+est,action=1
in_port=2,tcp,ct_state=+trk+rel,action=1
Signed-off-by: Joe Stringer
---
v2-v3: No change.
v4: Change error code for unknown helper ENOENT->EINVAL.
v5: Fix rcu acc
This will allow the ovs-conntrack code to reuse these macros.
Signed-off-by: Joe Stringer
Acked-by: Thomas Graf
Acked-by: Pravin B Shelar
---
v4: Add ack.
v5: No change.
---
net/openvswitch/actions.c | 52 ++
net/openvswitch/datapath.h | 4
2
populated with the zone id.
IP fragments are handled by transparently assembling them as part of the
CT action. The maximum received unit (MRU) size is tracked so that
refragmentation can occur during output.
IP frag handling contributed by Andy Zhou.
Signed-off-by: Joe Stringer
Signed-off-
will only persist when the conntrack entry is committed by
providing the COMMIT flag to the CT action. Labels are currently fixed
to 128 bits in size.
Signed-off-by: Joe Stringer
---
v2: Split out setting the connlabel size for the current namespace.
v3: No change.
v4: Only allow setting label via
This variation on skb_dst_copy() doesn't require two skbs.
Signed-off-by: Joe Stringer
Acked-by: Pravin B Shelar
---
v4: Add ack.
v5: No change.
---
include/net/dst.h | 9 +++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/include/net/dst.h b/include/net/dst.h
original length when serializing.
Signed-off-by: Joe Stringer
Acked-by: Pravin B Shelar
---
v2: No change.
v3: Preserve original length across buffer resize.
v4: Add ack.
v5: No change.
---
net/openvswitch/datapath.c | 2 +-
net/openvswitch/flow.h | 1 +
net/openvswitch/flow_netlink.c
On 25 August 2015 at 11:33, Thomas Graf wrote:
> On 08/24/15 at 05:32pm, Joe Stringer wrote:
>> Add support for using conntrack helpers to assist protocol detection.
>> The new OVS_CT_ATTR_HELPER attribute of the CT action specifies a helper
>> to be used for this connec
Add functions to change connlabel length into nf_conntrack_labels.c so
they may be reused by other modules like OVS and nftables without
needing to jump through xt_match_check() hoops.
Suggested-by: Florian Westphal
Signed-off-by: Joe Stringer
Acked-by: Florian Westphal
Acked-by: Thomas Graf
The following patches will reuse this code from OVS.
Signed-off-by: Joe Stringer
Acked-by: Pravin B Shelar
Acked-by: Thomas Graf
---
v2-v4: No change.
v5: Add acks.
v6: No change.
---
net/netfilter/nf_conntrack_labels.c | 2 --
1 file changed, 2 deletions(-)
diff --git a/net/netfilter
ort=1,tcp,action=ct(helper=ftp,commit),2
in_port=2,tcp,ct_state=-trk,action=ct(recirc)
in_port=2,tcp,ct_state=+trk-new+est,action=1
in_port=2,tcp,ct_state=+trk+rel,action=1
Signed-off-by: Joe Stringer
Acked-by: Thomas Graf
Acked-by: Pravin B Shelar
---
v2-v3: No change.
v4: Change error code
This variation on skb_dst_copy() doesn't require two skbs.
Signed-off-by: Joe Stringer
Acked-by: Pravin B Shelar
Acked-by: Thomas Graf
---
v4: Add ack.
v5: No change.
v6: Add ack.
---
include/net/dst.h | 9 +++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/includ
will only persist when the conntrack entry is committed by
providing the COMMIT flag to the CT action. Labels are currently fixed
to 128 bits in size.
Signed-off-by: Joe Stringer
Acked-by: Thomas Graf
Acked-by: Pravin B Shelar
---
v2: Split out setting the connlabel size for the current
after the lookup occurs for the CT action. The
conntrack entry itself must be committed using the COMMIT flag in the CT
action flags for this change to persist.
Signed-off-by: Justin Pettit
Signed-off-by: Joe Stringer
Acked-by: Thomas Graf
Acked-by: Pravin B Shelar
---
v1-v3: No change.
v4
populated with the zone id.
IP fragments are handled by transparently assembling them as part of the
CT action. The maximum received unit (MRU) size is tracked so that
refragmentation can occur during output.
IP frag handling contributed by Andy Zhou.
Signed-off-by: Joe Stringer
Signed-off-
Signed-off-by: Joe Stringer
Acked-by: Thomas Graf
Acked-by: Pravin B Shelar
---
v4: Add ack.
v5-v6: No change.
---
net/ipv6/netfilter/nf_conntrack_reasm.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/net/ipv6/netfilter/nf_conntrack_reasm.c
b/net/ipv6/netfilter/nf_conntrack_reasm.c
checking the behaviour
is correct with different configurations such as disabling
CONFIG_OPENVSWITCH_CONNTRACK or disabling individual conntrack features like
connlabels.
The branch below has been updated with the corresponding userspace pieces:
https://github.com/joestringer/ovs dev/ct_20150818
Joe
This will allow the ovs-conntrack code to reuse these macros.
Signed-off-by: Joe Stringer
Acked-by: Thomas Graf
Acked-by: Pravin B Shelar
---
v2-v3: No change.
v4: Add ack.
v5-v6: No change.
---
net/openvswitch/actions.c | 52 ++
net/openvswitch
original length when serializing.
Signed-off-by: Joe Stringer
Acked-by: Pravin B Shelar
Acked-by: Thomas Graf
---
v2: No change.
v3: Preserve original length across buffer resize.
v4: Add ack.
v5: No change.
v6: Add ack.
---
net/openvswitch/datapath.c | 2 +-
net/openvswitch/flow.h | 1
On 26 August 2015 at 11:31, Joe Stringer wrote:
> Expose the kernel connection tracker via OVS. Userspace components can
> make use of the CT action to populate the connection state (ct_state)
> field for a flow. This state can be subsequently matched.
>
> Exposed connection state
port_output);
^
>> net/openvswitch/actions.c:707:19: warning: unused variable 'ovs_rt'
[-Wunused-variable]
struct rt6_info ovs_rt;
^
cc1: some warnings being treated as errors
Joe Stringer (2):
netfilter: Define v6ops in !CONFIG_
When CONFIG_OPENVSWITCH is set, and CONFIG_NETFILTER is not set, the
openvswitch IPv6 fragmentation handling cannot refer to ipv6_ops because
it isn't defined. Add a dummy version to avoid #ifdefs in source files.
Fixes: 7f8a436 "openvswitch: Add conntrack action"
Signed-off-b
kbuild test robot reports that certain configurations will not
automatically pick up on the "struct rt6_info" definition, so explicitly
include the header for this structure.
Fixes: 7f8a436 "openvswitch: Add conntrack action"
Signed-off-by: Joe Stringer
---
net/openvswitc
U) size is tracked so that
refragmentation can occur during output.
IP frag handling contributed by Andy Zhou.
Signed-off-by: Joe Stringer
Signed-off-by: Justin Pettit
Signed-off-by: Andy Zhou
---
This can be tested with the corresponding userspace component here:
https://www.github.com/justinpe
tcp,ct_state=-trk,action=ct(),recirc(1)
recirc_id=1,in_port=2,tcp,ct_state=+trk-new+est,action=1
recirc_id=1,in_port=2,tcp,ct_state=+trk+rel,action=1
Signed-off-by: Joe Stringer
---
include/uapi/linux/openvswitch.h | 1 +
net/openvswitch/Kconfig | 1 +
net/openvswitch/conntrack.c |
Signed-off-by: Joe Stringer
---
net/openvswitch/vport.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/net/openvswitch/vport.c b/net/openvswitch/vport.c
index d14f594..baa018f 100644
--- a/net/openvswitch/vport.c
+++ b/net/openvswitch/vport.c
@@ -475,6 +475,9 @@ void ovs_vport_receive
through the CONFIG_OPENVSWITCH_CONNTRACK option.
The branch below has been updated with the corresponding userspace pieces:
https://github.com/justinpettit/ovs conntrack
Joe Stringer (8):
openvswitch: Scrub packet in ovs_vport_receive()
openvswitch: Serialize acts with original netlink len
ing
the "commit" flag in the conntrack action flags for this change to persist.
Signed-off-by: Justin Pettit
Signed-off-by: Joe Stringer
---
include/uapi/linux/openvswitch.h | 1 +
net/openvswitch/actions.c| 6 ++
net/openvswitch/conntrac
->ct_label)
This will perform conntrack lookup in zone 1, then modify the label for
that entry. The conntrack entry itself must be committed using the
"commit" flag in the conntrack action flags for this change to persist.
Signed-off-by: Joe Stringer
---
include/uapi/linux/openvs
Signed-off-by: Joe Stringer
---
net/ipv6/netfilter/nf_conntrack_reasm.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/net/ipv6/netfilter/nf_conntrack_reasm.c
b/net/ipv6/netfilter/nf_conntrack_reasm.c
index 6f187c8..ce3d5d8 100644
--- a/net/ipv6/netfilter/nf_conntrack_reasm.c
+++ b/net
original length when serializing.
Signed-off-by: Joe Stringer
---
net/openvswitch/datapath.c | 2 +-
net/openvswitch/flow.h | 1 +
net/openvswitch/flow_netlink.c | 1 +
3 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/net/openvswitch/datapath.c b/net/openvswitch/datapath.c
This will allow the ovs-conntrack code to reuse these macros.
Signed-off-by: Joe Stringer
---
net/openvswitch/actions.c | 52 ++
net/openvswitch/datapath.h | 4
2 files changed, 29 insertions(+), 27 deletions(-)
diff --git a/net/openvswitch
The following patches will reuse this code from OVS.
Signed-off-by: Joe Stringer
---
net/netfilter/nf_conntrack_labels.c | 2 --
1 file changed, 2 deletions(-)
diff --git a/net/netfilter/nf_conntrack_labels.c
b/net/netfilter/nf_conntrack_labels.c
index bb53f12..daa7c13 100644
--- a/net
On 30 July 2015 at 11:40, Thomas Graf wrote:
> On 07/30/15 at 11:12am, Joe Stringer wrote:
>> Signed-off-by: Joe Stringer
>
> Can you write a few lines on why this is needed? I have flows which
> use the mark to communicate with netfilter through internal ports.
The problem I
On 5 August 2015 at 15:31, Pravin Shelar wrote:
> On Tue, Aug 4, 2015 at 9:49 PM, Joe Stringer wrote:
> I got sparse warning:
>
> net/openvswitch/actions.c:634:1: warning: symbol 'ovs_dst_get_mtu' was
> not declared. Should it be static?
>
> net/openvswitch/actio
nts
Defer patch to scrub skb
Rebase
v1: First non-RFC post.
Fragment handling.
Conntrack label support.
Joe Stringer (10):
openvswitch: Serialize acts with original netlink len
openvswitch: Move MASKED* macros to datapath.h
ipv6: Export nf_ct_frag6_gather()
dst: Add __skb_dst_c
This will allow the ovs-conntrack code to reuse these macros.
Signed-off-by: Joe Stringer
Acked-by: Thomas Graf
Acked-by: Pravin B Shelar
---
v4: Add ack.
---
net/openvswitch/actions.c | 52 ++
net/openvswitch/datapath.h | 4
2 files changed
This variation on skb_dst_copy() doesn't require two skbs.
Signed-off-by: Joe Stringer
Acked-by: Pravin B Shelar
---
v4: Add ack.
---
include/net/dst.h | 9 +++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/include/net/dst.h b/include/net/dst.h
index 2578811..05
Signed-off-by: Joe Stringer
Acked-by: Thomas Graf
Acked-by: Pravin B Shelar
---
v4: Add ack.
---
net/ipv6/netfilter/nf_conntrack_reasm.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/net/ipv6/netfilter/nf_conntrack_reasm.c
b/net/ipv6/netfilter/nf_conntrack_reasm.c
index 6d02498..701cd2b
tcp,ct_state=-trk,action=ct(),recirc(1)
recirc_id=1,in_port=2,tcp,ct_state=+trk-new+est,action=1
recirc_id=1,in_port=2,tcp,ct_state=+trk+rel,action=1
Signed-off-by: Joe Stringer
---
v2-v3: No change.
v4: Change error code for unknown helper ENOENT->EINVAL.
---
include/uapi/linux/openvswitch.h
U) size is tracked so that
refragmentation can occur during output.
IP frag handling contributed by Andy Zhou.
Signed-off-by: Joe Stringer
Signed-off-by: Justin Pettit
Signed-off-by: Andy Zhou
---
This can be tested with the corresponding userspace component here:
https://www.github.com/justinpettit
1 - 100 of 294 matches
Mail list logo
