diff options
author | Sairam Venugopal <vsairam@vmware.com> | 2016-04-13 11:54:03 -0700 |
---|---|---|
committer | Ben Pfaff <blp@ovn.org> | 2016-04-14 10:11:46 -0700 |
commit | 792d377d8330606ad122dae5f941e5088c10cf14 (patch) | |
tree | 233132b3b7fc3b4fb7f0c35a71d51b53d4a364b5 /datapath-windows/ovsext/Switch.c | |
parent | ce05810425872709ddda9d7755b3348f584849ff (diff) | |
download | openvswitch-792d377d8330606ad122dae5f941e5088c10cf14.tar.gz |
datapath-windows: Add Connection Tracking Support
Enable support for Stateful Firewall in Hyper-V by adding a Connection
Tracking module. The module has been ported over from the userspace
implementation patch of a similar name.
The current version of the module supports ct - zone, mark and label for
TCP packets. Support for other packet formats will be added in subsequent
patches.
The conntrack-tcp module is adapted from FreeBSD's pf subsystem and hence
the BSD license. It has been ported over to match OVS Hyper-V coding
style.
Signed-off-by: Sairam Venugopal <vsairam@vmware.com>
Signed-off-by: Daniele Di Proietto <diproiettod@vmware.com>
Co-Authored-by: Daniele Di Proietto <diproiettod@vmware.com>
Acked-by: Nithin Raju <nithin@vmware.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Diffstat (limited to 'datapath-windows/ovsext/Switch.c')
-rw-r--r-- | datapath-windows/ovsext/Switch.c | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/datapath-windows/ovsext/Switch.c b/datapath-windows/ovsext/Switch.c index 77bafb466..7ad2e9846 100644 --- a/datapath-windows/ovsext/Switch.c +++ b/datapath-windows/ovsext/Switch.c @@ -20,7 +20,7 @@ */ #include "precomp.h" - +#include "Conntrack.h" #include "Switch.h" #include "Vport.h" #include "Event.h" @@ -218,6 +218,13 @@ OvsCreateSwitch(NDIS_HANDLE ndisFilterHandle, goto create_switch_done; } + status = OvsInitConntrack(switchContext); + if (status != STATUS_SUCCESS) { + OvsUninitSwitchContext(switchContext); + OVS_LOG_ERROR("Exit: Failed to initialize Connection tracking"); + goto create_switch_done; + } + *switchContextOut = switchContext; create_switch_done: @@ -249,6 +256,7 @@ OvsExtDetach(NDIS_HANDLE filterModuleContext) OvsDeleteSwitch(switchContext); OvsCleanupIpHelper(); OvsCleanupSttDefragmentation(); + OvsCleanupConntrack(); /* This completes the cleanup, and a new attach can be handled now. */ OVS_LOG_TRACE("Exit: OvsDetach Successfully"); |