From patchwork Fri Nov 6 03:12:37 2015 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Daniele Di Proietto X-Patchwork-Id: 540799 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from archives.nicira.com (li376-54.members.linode.com [96.126.127.54]) by ozlabs.org (Postfix) with ESMTP id 726D31402D7 for ; Fri, 6 Nov 2015 14:13:55 +1100 (AEDT) Received: from archives.nicira.com (localhost [127.0.0.1]) by archives.nicira.com (Postfix) with ESMTP id 9E13122C3C3; Thu, 5 Nov 2015 19:12:53 -0800 (PST) X-Original-To: dev@openvswitch.org Delivered-To: dev@openvswitch.org Received: from mx1e4.cudamail.com (mx1.cudamail.com [69.90.118.67]) by archives.nicira.com (Postfix) with ESMTPS id DCCAD22C386 for ; Thu, 5 Nov 2015 19:12:49 -0800 (PST) Received: from bar5.cudamail.com (unknown [192.168.21.12]) by mx1e4.cudamail.com (Postfix) with ESMTPS id 2C1F51E0274 for ; Thu, 5 Nov 2015 20:12:49 -0700 (MST) X-ASG-Debug-ID: 1446779568-09eadd520859170001-byXFYA Received: from mx1-pf1.cudamail.com ([192.168.24.1]) by bar5.cudamail.com with ESMTP id Xsj2g2clSi2Pju4F (version=TLSv1 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 05 Nov 2015 20:12:48 -0700 (MST) X-Barracuda-Envelope-From: diproiettod@vmware.com X-Barracuda-RBL-Trusted-Forwarder: 192.168.24.1 Received: from unknown (HELO smtp-outbound-1.vmware.com) (208.91.2.12) by mx1-pf1.cudamail.com with ESMTPS (DHE-RSA-AES256-SHA encrypted); 6 Nov 2015 03:12:47 -0000 Received-SPF: pass (mx1-pf1.cudamail.com: SPF record at _spf.vmware.com designates 208.91.2.12 as permitted sender) X-Barracuda-Apparent-Source-IP: 208.91.2.12 X-Barracuda-RBL-IP: 208.91.2.12 Received: from sc9-mailhost3.vmware.com (sc9-mailhost3.vmware.com [10.113.161.73]) by smtp-outbound-1.vmware.com (Postfix) with ESMTP id D3FB12868D for ; Thu, 5 Nov 2015 19:12:46 -0800 (PST) Received: from diproiettod-dev.localdomain (unknown [10.33.74.202]) by sc9-mailhost3.vmware.com (Postfix) with ESMTP id D63B940253; Thu, 5 Nov 2015 19:12:46 -0800 (PST) X-CudaMail-Envelope-Sender: diproiettod@vmware.com From: Daniele Di Proietto To: dev@openvswitch.org X-CudaMail-Whitelist-To: dev@openvswitch.org X-CudaMail-MID: CM-E1-1104112888 X-CudaMail-DTE: 110515 X-CudaMail-Originating-IP: 208.91.2.12 Date: Thu, 5 Nov 2015 19:12:37 -0800 X-ASG-Orig-Subj: [##CM-E1-1104112888##][PATCH v2 06/11] dpctl: Add 'conntrack-dump' command. Message-Id: <1446779562-3837-7-git-send-email-diproiettod@vmware.com> X-Mailer: git-send-email 2.1.4 In-Reply-To: <1446779562-3837-1-git-send-email-diproiettod@vmware.com> References: <1446779562-3837-1-git-send-email-diproiettod@vmware.com> X-Barracuda-Connect: UNKNOWN[192.168.24.1] X-Barracuda-Start-Time: 1446779568 X-Barracuda-Encrypted: DHE-RSA-AES256-SHA X-Barracuda-URL: https://web.cudamail.com:443/cgi-mod/mark.cgi X-ASG-Whitelist: Header =?UTF-8?B?eFwtY3VkYW1haWxcLXdoaXRlbGlzdFwtdG8=?= X-Virus-Scanned: by bsmtpd at cudamail.com X-Barracuda-BRTS-Status: 1 X-ASG-Whitelist: EmailCat (corporate) Subject: [ovs-dev] [PATCH v2 06/11] dpctl: Add 'conntrack-dump' command. X-BeenThere: dev@openvswitch.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: dev-bounces@openvswitch.org Sender: "dev" It can be used to inspect the connection tracking entries in the datapath. Signed-off-by: Daniele Di Proietto --- lib/dpctl.c | 45 +++++++++++++++++++++++++++++++++++++++++++++ lib/dpctl.man | 24 ++++++++++++++++++++++++ 2 files changed, 69 insertions(+) diff --git a/lib/dpctl.c b/lib/dpctl.c index 438bfd3..2990026 100644 --- a/lib/dpctl.c +++ b/lib/dpctl.c @@ -28,6 +28,7 @@ #include "command-line.h" #include "compiler.h" +#include "ct-dpif.h" #include "dirs.h" #include "dpctl.h" #include "dpif.h" @@ -1241,6 +1242,49 @@ dpctl_list_commands(int argc OVS_UNUSED, const char *argv[] OVS_UNUSED, return 0; } + +static int +dpctl_dump_conntrack(int argc, const char *argv[], + struct dpctl_params *dpctl_p) +{ + struct ct_dpif_dump_state *dump; + struct ct_dpif_entry cte; + uint16_t zone, *pzone = NULL; + struct dpif *dpif; + char *name; + int error; + + if (argc > 1 && ovs_scan(argv[argc - 1], "zone=%"SCNu16, &zone)) { + pzone = &zone; + argc--; + } + name = (argc == 2) ? xstrdup(argv[1]) : get_one_dp(dpctl_p); + if (!name) { + return EINVAL; + } + error = parsed_dpif_open(name, false, &dpif); + free(name); + if (error) { + dpctl_error(dpctl_p, error, "opening datapath"); + return error; + } + + ct_dpif_dump_start(dpif, &dump, pzone); + while (!ct_dpif_dump_next(dump, &cte)) { + struct ds s = DS_EMPTY_INITIALIZER; + + ct_dpif_format_entry(&cte, &s, dpctl_p->verbosity, + dpctl_p->print_statistics); + ct_dpif_entry_uninit(&cte); + + dpctl_print(dpctl_p, "%s\n", ds_cstr(&s)); + ds_destroy(&s); + } + ct_dpif_dump_done(dump); + dpif_close(dpif); + return error; +} + /* Undocumented commands for unit testing. */ @@ -1519,6 +1563,7 @@ static const struct dpctl_command all_commands[] = { { "get-flow", "get-flow [dp] ufid", 1, 2, dpctl_get_flow }, { "del-flow", "del-flow [dp] flow", 1, 2, dpctl_del_flow }, { "del-flows", "[dp]", 0, 1, dpctl_del_flows }, + { "dump-conntrack", "[dp]", 0, 2, dpctl_dump_conntrack }, { "help", "", 0, INT_MAX, dpctl_help }, { "list-commands", "", 0, INT_MAX, dpctl_list_commands }, diff --git a/lib/dpctl.man b/lib/dpctl.man index 8b0fcfe..54c3e8e 100644 --- a/lib/dpctl.man +++ b/lib/dpctl.man @@ -149,3 +149,27 @@ Fetches the flow from \fIdp\fR's flow table with unique identifier \fIufid\fR. . .IP "\*(DX\fBdel\-flows\fR [\fIdp\fR]" Deletes all flow entries from datapath \fIdp\fR's flow table. +.SS "CONNECTION TRACKING TABLE DEBUGGING COMMANDS" +The following commands are primarily useful for debugging the connection +tracking entries in the datapath. +. +.PP +The \fIdp\fR argument to each of these commands is optional when +exactly one datapath exists, in which case that datapath is the +default. When multiple datapaths exist, then a datapath name is +required. +. +.PP +\fBN.B.\fR(Linux specific): the \fIsystem\fR datapaths (i.e. the Linux +kernel module Open vSwitch datapaths) share a single connection tracking +table (which is also used by other kernel subsystems, such as iptables, +nftables and the regular host stack). Therefore, the following commands +do not apply specifically to one datapath. +. +.TP +.DO "[\fB\-m\fR | \fB\-\-more\fR] [\fB\-s\fR | \fB\-\-statistics\fR]" "\*(DX\fBdump\-conntrack\fR" "[\fIdp\fR] [\fBzone=\fIzone\fR]" +Prints to the console all the connection entries in the tracker used by +\fIdp\fR. If \fBzone=\fIzone\fR is specified, only shows the connections +in \fBzone\fR. With \fB\-\-more\fR, some implementation specific details +are included. With \fB\-\-statistics\fR timeouts and timestamps are +added to the output.