[ovs-discuss] Packet inspection with Open vSwitch

Franck BAUDIN Franck.BAUDIN at qosmos.com
Tue May 12 12:32:34 UTC 2015 

Hi Moisés,

The architecture for DPI integration on OVS that has been presented during OVS fall conference:
        http://www.openvswitch.org/support/ovscon2014/17/1100-OVS-L7-matchers-v1-1.pptx

This architecture relies on conntracker and nfqueue actions to be added very soon in openvswitch 2.4 (coming version):  http://www.openvswitch.org/support/ovscon2014/17/1030-conntrack_nat.pdf

Best Regards,
Franck

> -----Original Message-----
> From: discuss [mailto:discuss-bounces at openvswitch.org] On Behalf Of
> Moises Rodrigues
> Sent: lundi 11 mai 2015 18:51
> To: discuss at openvswitch.org
> Subject: [ovs-discuss] Packet inspection with Open vSwitch
>
> Hello,
>
> I am trying to reproduce what was done in
> http://dl.acm.org/citation.cfm?id=2620735
> For those who cannot access the paper, what authors proposed that
> "switches in our system are augmented to have a stateful app processing
> capability that uses higher layer information in packets", this way an
> application running on top of Open vSwitch can access information beyond
> L2-L4.
> Is there some sort of API for such extension? I mean, if I want to do extra
> analyses with incoming packets, how could I do that? Do I have to make
> direct modification in Open vSwitch's code or is there an easier way?
> I googled for a while but I could not find anything that helps. Maybe I used
> the wrong words but, if any of you guys could help I would really appreciate
> it.
>
> Thanks for your time.
> Best regards,
>
> Moisés Rodrigues
> _______________________________________________
> discuss mailing list
> discuss at openvswitch.org
> http://openvswitch.org/mailman/listinfo/discuss
This message and any attachments (the "message") are confidential, intended solely for the addressees. If you are not the intended recipient, please notify the sender immediately by e-mail and delete this message from your system. In this case, you are not authorized to use, copy this message and/or disclose the content to any other person. E-mails are susceptible to alteration. Neither Qosmos nor any of its subsidiaries or affiliates shall be liable for the message if altered, changed or falsified.

Ce message et toutes ses pièces jointes (ci-après le "message")sont confidentiels et établis à l'intention exclusive de ses destinataires. Si vous avez reçu ce message par erreur, merci d’en informer immédiatement son émetteur par courrier électronique et d’effacer ce message de votre système. Dans cette hypothèse, vous n’êtes pas autorisé à utiliser, copier ce message et/ou en divulguer le contenu à un tiers. Tout message électronique est susceptible d'altération. Qosmos et ses filiales déclinent toute responsabilité au titre de ce message s'il a été altéré, déformé ou falsifié.

More information about the discuss mailing list