V_irtualise ipfilter
ClosedPublic
Actions

Authored by bz on Jun 27 2016, 11:40 PM.

Details

Reviewers

emaste
cy
glebius
gnn

Commits

rS302298: Virtualise ipfilter.

Summary

Virtualise ipfilter.  Cleanup some entirely unused parts.  Split

initializzation an teardown into module (once global) and VNET (per
virtual network stack) parts. Sadly had to add very special handling
for sysctls (see commit message in projects/vnet).

Diff Detail

Repository

rS FreeBSD src repository - subversion

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

bz updated this revision to Diff 17955.Jun 27 2016, 11:40 PM

bz retitled this revision from to V_irtualise ipfilter.

bz updated this object.

bz edited the test plan for this revision. (Show Details)

bz added reviewers: gnn, emaste, cy.

bz added a subscriber: network.

Herald added a subscriber: imp. · View Herald TranscriptJun 27 2016, 11:40 PM

cy added a reviewer: glebius.Jun 28 2016, 12:31 AM

I've had a chance to review some of the code but not all. Tested on my testbed gateway. No problems so far... I should be able to review the remaining code later this week.

sys/contrib/ipfilter/netinet/ip_fil_freebsd.c
105 ↗	(On Diff #17955)	This should probably be removed through a separate commit so as not to confuse general cleanup with implementation of VNET functionality.
119 ↗	(On Diff #17955)	An XXX commenting why the cloner was disabled should probably be included for future reference.

I can add reasons why later.

sys/contrib/ipfilter/netinet/ip_fil_freebsd.c
224 ↗	(On Diff #17955)	Similarly for ipf_checkp and ipf_savep, genaral cleanup should be committed separately to avoid confusion with actual VNET implenentation vs general cleanup.
sys/contrib/ipfilter/netinet/ip_nat.c
280 ↗	(On Diff #17955)	General cleanup should be a separate commit.

This revision is now accepted and ready to land.Jun 29 2016, 4:51 AM

I'll do the general cleanup parts separately; sure.

And I'll add a comment to the code on why the ifc event was disabled.

I'd like to commit this no later than Thu if possible, so if anyone else has further comments, please get to them today! Thanks!

bz mentioned this in rS302289: Remove unused global variables as well as unused memory.Jun 30 2016, 1:32 AM

Remove the unrelated cleanup already committed to head.
Add comment as to why the cloned eventhandler is disabled.
Remove some #if 0ed code block, which sneaked in.

This revision now requires review to proceed.Jun 30 2016, 1:39 AM

cy accepted this revision.Jun 30 2016, 3:00 AM

cy edited edge metadata.

This revision is now accepted and ready to land.Jun 30 2016, 3:00 AM

Closed by commit rS302298: Virtualise ipfilter. (authored by bz). · Explain WhyJun 30 2016, 3:01 PM

This revision was automatically updated to reflect the committed changes.