summaryrefslogtreecommitdiff
path: root/datapath-windows/ovsext/Switch.c
diff options
context:
space:
mode:
authorSairam Venugopal <vsairam@vmware.com>2016-04-13 11:54:03 -0700
committerBen Pfaff <blp@ovn.org>2016-04-14 10:11:46 -0700
commit792d377d8330606ad122dae5f941e5088c10cf14 (patch)
tree233132b3b7fc3b4fb7f0c35a71d51b53d4a364b5 /datapath-windows/ovsext/Switch.c
parentce05810425872709ddda9d7755b3348f584849ff (diff)
downloadopenvswitch-792d377d8330606ad122dae5f941e5088c10cf14.tar.gz
datapath-windows: Add Connection Tracking Support
Enable support for Stateful Firewall in Hyper-V by adding a Connection Tracking module. The module has been ported over from the userspace implementation patch of a similar name. The current version of the module supports ct - zone, mark and label for TCP packets. Support for other packet formats will be added in subsequent patches. The conntrack-tcp module is adapted from FreeBSD's pf subsystem and hence the BSD license. It has been ported over to match OVS Hyper-V coding style. Signed-off-by: Sairam Venugopal <vsairam@vmware.com> Signed-off-by: Daniele Di Proietto <diproiettod@vmware.com> Co-Authored-by: Daniele Di Proietto <diproiettod@vmware.com> Acked-by: Nithin Raju <nithin@vmware.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Diffstat (limited to 'datapath-windows/ovsext/Switch.c')
-rw-r--r--datapath-windows/ovsext/Switch.c10
1 files changed, 9 insertions, 1 deletions
diff --git a/datapath-windows/ovsext/Switch.c b/datapath-windows/ovsext/Switch.c
index 77bafb466..7ad2e9846 100644
--- a/datapath-windows/ovsext/Switch.c
+++ b/datapath-windows/ovsext/Switch.c
@@ -20,7 +20,7 @@
*/
#include "precomp.h"
-
+#include "Conntrack.h"
#include "Switch.h"
#include "Vport.h"
#include "Event.h"
@@ -218,6 +218,13 @@ OvsCreateSwitch(NDIS_HANDLE ndisFilterHandle,
goto create_switch_done;
}
+ status = OvsInitConntrack(switchContext);
+ if (status != STATUS_SUCCESS) {
+ OvsUninitSwitchContext(switchContext);
+ OVS_LOG_ERROR("Exit: Failed to initialize Connection tracking");
+ goto create_switch_done;
+ }
+
*switchContextOut = switchContext;
create_switch_done:
@@ -249,6 +256,7 @@ OvsExtDetach(NDIS_HANDLE filterModuleContext)
OvsDeleteSwitch(switchContext);
OvsCleanupIpHelper();
OvsCleanupSttDefragmentation();
+ OvsCleanupConntrack();
/* This completes the cleanup, and a new attach can be handled now. */
OVS_LOG_TRACE("Exit: OvsDetach Successfully");