[ovs-dev] [patch v2 3/9] conntrack: Support v4 fragmentation.
Darrell Ball
dlu998 at gmail.com
Thu Jan 25 11:52:37 UTC 2018
The conntrack module now calls fragmentation support apis.
Signed-off-by: Darrell Ball <dlu998 at gmail.com>
---
NEWS | 3 ++-
lib/conntrack.c | 6 ++++++
2 files changed, 8 insertions(+), 1 deletion(-)
diff --git a/NEWS b/NEWS
index d7d585b..137c511 100644
--- a/NEWS
+++ b/NEWS
@@ -1,6 +1,7 @@
Post-v2.9.0
--------------------
-
+ - Userspace datapath:
+ * Add v4 fragmentation support for conntrack.
v2.9.0 - xx xxx xxxx
--------------------
diff --git a/lib/conntrack.c b/lib/conntrack.c
index 562e767..427d9bf 100644
--- a/lib/conntrack.c
+++ b/lib/conntrack.c
@@ -30,6 +30,7 @@
#include "ct-dpif.h"
#include "dp-packet.h"
#include "flow.h"
+#include "ipf.h"
#include "netdev.h"
#include "odp-netlink.h"
#include "openvswitch/hmap.h"
@@ -340,6 +341,7 @@ conntrack_init(struct conntrack *ct)
atomic_init(&ct->n_conn_limit, DEFAULT_N_CONN_LIMIT);
latch_init(&ct->clean_thread_exit);
ct->clean_thread = ovs_thread_create("ct_clean", clean_thread_main, ct);
+ ipf_init();
}
/* Destroys the connection tracker 'ct' and frees all the allocated memory. */
@@ -382,6 +384,7 @@ conntrack_destroy(struct conntrack *ct)
hindex_destroy(&ct->alg_expectation_refs);
ct_rwlock_unlock(&ct->resources_lock);
ct_rwlock_destroy(&ct->resources_lock);
+ ipf_destroy();
}
�
static unsigned hash_to_bucket(uint32_t hash)
@@ -1308,6 +1311,7 @@ conntrack_execute(struct conntrack *ct, struct dp_packet_batch *pkt_batch,
const struct nat_action_info_t *nat_action_info,
long long now)
{
+ ipf_preprocess_conntrack(pkt_batch, now, dl_type, zone, ct->hash_basis);
struct dp_packet *packet;
struct conn_lookup_ctx ctx;
@@ -1322,6 +1326,8 @@ conntrack_execute(struct conntrack *ct, struct dp_packet_batch *pkt_batch,
setlabel, nat_action_info, tp_src, tp_dst, helper);
}
+ ipf_postprocess_conntrack(pkt_batch, now);
+
return 0;
}
--
1.9.1
More information about the dev
mailing list