@@ -852,7 +852,7 @@ enum OVS_PACKED_ENUM mf_field_id {
/* "ct_nw_proto".
*
* The "protocol" byte in the IPv4 or IPv6 header for the original
- * direction conntrack tuple, or of the master conntrack entry, if the
+ * direction conntrack tuple, or of the primary conntrack entry, if the
* current connection is a related connection.
*
* The value is initially zero and populated by the CT action. The value
@@ -873,7 +873,7 @@ enum OVS_PACKED_ENUM mf_field_id {
/* "ct_nw_src".
*
* IPv4 source address of the original direction tuple of the conntrack
- * entry, or of the master conntrack entry, if the current connection is a
+ * entry, or of the primary conntrack entry, if the current connection is a
* related connection.
*
* The value is populated by the CT action.
@@ -892,7 +892,7 @@ enum OVS_PACKED_ENUM mf_field_id {
/* "ct_nw_dst".
*
* IPv4 destination address of the original direction tuple of the
- * conntrack entry, or of the master conntrack entry, if the current
+ * conntrack entry, or of the primary conntrack entry, if the current
* connection is a related connection.
*
* The value is populated by the CT action.
@@ -911,7 +911,7 @@ enum OVS_PACKED_ENUM mf_field_id {
/* "ct_ipv6_src".
*
* IPv6 source address of the original direction tuple of the conntrack
- * entry, or of the master conntrack entry, if the current connection is a
+ * entry, or of the primary conntrack entry, if the current connection is a
* related connection.
*
* The value is populated by the CT action.
@@ -930,7 +930,7 @@ enum OVS_PACKED_ENUM mf_field_id {
/* "ct_ipv6_dst".
*
* IPv6 destination address of the original direction tuple of the
- * conntrack entry, or of the master conntrack entry, if the current
+ * conntrack entry, or of the primary conntrack entry, if the current
* connection is a related connection.
*
* The value is populated by the CT action.
@@ -949,7 +949,7 @@ enum OVS_PACKED_ENUM mf_field_id {
/* "ct_tp_src".
*
* Transport layer source port of the original direction tuple of the
- * conntrack entry, or of the master conntrack entry, if the current
+ * conntrack entry, or of the primary conntrack entry, if the current
* connection is a related connection.
*
* The value is populated by the CT action.
@@ -967,7 +967,7 @@ enum OVS_PACKED_ENUM mf_field_id {
/* "ct_tp_dst".
*
* Transport layer destination port of the original direction tuple of the
- * conntrack entry, or of the master conntrack entry, if the current
+ * conntrack entry, or of the primary conntrack entry, if the current
* connection is a related connection.
*
* The value is populated by the CT action.
@@ -71,13 +71,13 @@ struct alg_exp_node {
/* Key of data connection to be created. */
struct conn_key key;
/* Corresponding key of the control connection. */
- struct conn_key master_key;
+ struct conn_key primary_key;
/* The NAT replacement address to be used by the data connection. */
union ct_addr alg_nat_repl_addr;
- /* The data connection inherits the master control
+ /* The data connection inherits the primary control
* connection label and mark. */
- ovs_u128 master_label;
- uint32_t master_mark;
+ ovs_u128 primary_label;
+ uint32_t primary_mark;
/* True if for NAT application, the alg replaces the dest address;
* otherwise, the source address is replaced. */
bool nat_rpl_dst;
@@ -92,7 +92,7 @@ struct conn {
/* Immutable data. */
struct conn_key key;
struct conn_key rev_key;
- struct conn_key master_key; /* Only used for orig_tuple support. */
+ struct conn_key primary_key; /* Only used for orig_tuple support. */
struct ovs_list exp_node;
struct cmap_node cm_node;
struct nat_action_info_t *nat_info;
@@ -144,7 +144,7 @@ detect_ftp_ctl_type(const struct conn_lookup_ctx *ctx,
struct dp_packet *pkt);
static void
-expectation_clean(struct conntrack *ct, const struct conn_key *master_key);
+expectation_clean(struct conntrack *ct, const struct conn_key *primary_key);
static struct ct_l4_proto *l4_protos[] = {
[IPPROTO_TCP] = &ct_proto_tcp,
@@ -585,14 +585,14 @@ write_ct_md(struct dp_packet *pkt, uint16_t zone, const struct conn *conn,
/* Use the original direction tuple if we have it. */
if (conn) {
if (conn->alg_related) {
- key = &conn->master_key;
+ key = &conn->primary_key;
} else {
key = &conn->key;
}
} else if (alg_exp) {
- pkt->md.ct_mark = alg_exp->master_mark;
- pkt->md.ct_label = alg_exp->master_label;
- key = &alg_exp->master_key;
+ pkt->md.ct_mark = alg_exp->primary_mark;
+ pkt->md.ct_label = alg_exp->primary_label;
+ key = &alg_exp->primary_key;
}
pkt->md.ct_orig_tuple_ipv6 = false;
@@ -1002,9 +1002,9 @@ conn_not_found(struct conntrack *ct, struct dp_packet *pkt,
if (alg_exp) {
nc->alg_related = true;
- nc->mark = alg_exp->master_mark;
- nc->label = alg_exp->master_label;
- nc->master_key = alg_exp->master_key;
+ nc->mark = alg_exp->primary_mark;
+ nc->label = alg_exp->primary_label;
+ nc->primary_key = alg_exp->primary_key;
}
if (nat_action_info) {
@@ -1312,7 +1312,7 @@ process_one(struct conntrack *ct, struct dp_packet *pkt,
if (!conn) {
pkt->md.ct_state |= CS_INVALID;
write_ct_md(pkt, zone, NULL, NULL, NULL);
- char *log_msg = xasprintf("Missing master conn %p", rev_conn);
+ char *log_msg = xasprintf("Missing primary conn %p", rev_conn);
ct_print_conn_info(rev_conn, log_msg, VLL_INFO, true, true);
free(log_msg);
return;
@@ -2677,16 +2677,16 @@ expectation_remove(struct hmap *alg_expectations,
/* This function must be called with the ct->resources read lock taken. */
static struct alg_exp_node *
expectation_ref_lookup_unique(const struct hindex *alg_expectation_refs,
- const struct conn_key *master_key,
+ const struct conn_key *primary_key,
const struct conn_key *alg_exp_key,
uint32_t basis)
{
struct alg_exp_node *alg_exp_node;
HINDEX_FOR_EACH_WITH_HASH (alg_exp_node, node_ref,
- conn_key_hash(master_key, basis),
+ conn_key_hash(primary_key, basis),
alg_expectation_refs) {
- if (!conn_key_cmp(&alg_exp_node->master_key, master_key) &&
+ if (!conn_key_cmp(&alg_exp_node->primary_key, primary_key) &&
!conn_key_cmp(&alg_exp_node->key, alg_exp_key)) {
return alg_exp_node;
}
@@ -2701,23 +2701,23 @@ expectation_ref_create(struct hindex *alg_expectation_refs,
uint32_t basis)
{
if (!expectation_ref_lookup_unique(alg_expectation_refs,
- &alg_exp_node->master_key,
+ &alg_exp_node->primary_key,
&alg_exp_node->key, basis)) {
hindex_insert(alg_expectation_refs, &alg_exp_node->node_ref,
- conn_key_hash(&alg_exp_node->master_key, basis));
+ conn_key_hash(&alg_exp_node->primary_key, basis));
}
}
static void
-expectation_clean(struct conntrack *ct, const struct conn_key *master_key)
+expectation_clean(struct conntrack *ct, const struct conn_key *primary_key)
{
ovs_rwlock_wrlock(&ct->resources_lock);
struct alg_exp_node *node, *next;
HINDEX_FOR_EACH_WITH_HASH_SAFE (node, next, node_ref,
- conn_key_hash(master_key, ct->hash_basis),
+ conn_key_hash(primary_key, ct->hash_basis),
&ct->alg_expectation_refs) {
- if (!conn_key_cmp(&node->master_key, master_key)) {
+ if (!conn_key_cmp(&node->primary_key, primary_key)) {
expectation_remove(&ct->alg_expectations, &node->key,
ct->hash_basis);
hindex_remove(&ct->alg_expectation_refs, &node->node_ref);
@@ -2730,7 +2730,7 @@ expectation_clean(struct conntrack *ct, const struct conn_key *master_key)
static void
expectation_create(struct conntrack *ct, ovs_be16 dst_port,
- const struct conn *master_conn, bool reply, bool src_ip_wc,
+ const struct conn *primary_conn, bool reply, bool src_ip_wc,
bool skip_nat)
{
union ct_addr src_addr;
@@ -2739,47 +2739,47 @@ expectation_create(struct conntrack *ct, ovs_be16 dst_port,
struct alg_exp_node *alg_exp_node = xzalloc(sizeof *alg_exp_node);
if (reply) {
- src_addr = master_conn->key.src.addr;
- dst_addr = master_conn->key.dst.addr;
+ src_addr = primary_conn->key.src.addr;
+ dst_addr = primary_conn->key.dst.addr;
alg_exp_node->nat_rpl_dst = true;
if (skip_nat) {
alg_nat_repl_addr = dst_addr;
- } else if (master_conn->nat_info &&
- master_conn->nat_info->nat_action & NAT_ACTION_DST) {
- alg_nat_repl_addr = master_conn->rev_key.src.addr;
+ } else if (primary_conn->nat_info &&
+ primary_conn->nat_info->nat_action & NAT_ACTION_DST) {
+ alg_nat_repl_addr = primary_conn->rev_key.src.addr;
alg_exp_node->nat_rpl_dst = false;
} else {
- alg_nat_repl_addr = master_conn->rev_key.dst.addr;
+ alg_nat_repl_addr = primary_conn->rev_key.dst.addr;
}
} else {
- src_addr = master_conn->rev_key.src.addr;
- dst_addr = master_conn->rev_key.dst.addr;
+ src_addr = primary_conn->rev_key.src.addr;
+ dst_addr = primary_conn->rev_key.dst.addr;
alg_exp_node->nat_rpl_dst = false;
if (skip_nat) {
alg_nat_repl_addr = src_addr;
- } else if (master_conn->nat_info &&
- master_conn->nat_info->nat_action & NAT_ACTION_DST) {
- alg_nat_repl_addr = master_conn->key.dst.addr;
+ } else if (primary_conn->nat_info &&
+ primary_conn->nat_info->nat_action & NAT_ACTION_DST) {
+ alg_nat_repl_addr = primary_conn->key.dst.addr;
alg_exp_node->nat_rpl_dst = true;
} else {
- alg_nat_repl_addr = master_conn->key.src.addr;
+ alg_nat_repl_addr = primary_conn->key.src.addr;
}
}
if (src_ip_wc) {
memset(&src_addr, 0, sizeof src_addr);
}
- alg_exp_node->key.dl_type = master_conn->key.dl_type;
- alg_exp_node->key.nw_proto = master_conn->key.nw_proto;
- alg_exp_node->key.zone = master_conn->key.zone;
+ alg_exp_node->key.dl_type = primary_conn->key.dl_type;
+ alg_exp_node->key.nw_proto = primary_conn->key.nw_proto;
+ alg_exp_node->key.zone = primary_conn->key.zone;
alg_exp_node->key.src.addr = src_addr;
alg_exp_node->key.dst.addr = dst_addr;
alg_exp_node->key.src.port = ALG_WC_SRC_PORT;
alg_exp_node->key.dst.port = dst_port;
- alg_exp_node->master_mark = master_conn->mark;
- alg_exp_node->master_label = master_conn->label;
- memcpy(&alg_exp_node->master_key, &master_conn->key,
- sizeof alg_exp_node->master_key);
+ alg_exp_node->primary_mark = primary_conn->mark;
+ alg_exp_node->primary_label = primary_conn->label;
+ memcpy(&alg_exp_node->primary_key, &primary_conn->key,
+ sizeof alg_exp_node->primary_key);
/* Take the write lock here because it is almost 100%
* likely that the lookup will fail and
* expectation_create() will be called below. */
@@ -323,9 +323,9 @@ ct_dpif_format_entry(const struct ct_dpif_entry *entry, struct ds *ds,
}
ct_dpif_format_protoinfo(ds, ",protoinfo=", &entry->protoinfo, verbose);
ct_dpif_format_helper(ds, ",helper=", &entry->helper);
- if (verbose && entry->tuple_master.l3_type != 0) {
- ds_put_cstr(ds, ",master=(");
- ct_dpif_format_tuple(ds, &entry->tuple_master);
+ if (verbose && entry->tuple_primary.l3_type != 0) {
+ ds_put_cstr(ds, ",primary=(");
+ ct_dpif_format_tuple(ds, &entry->tuple_primary);
ds_put_cstr(ds, ")");
}
}
@@ -177,7 +177,7 @@ struct ct_dpif_entry {
/* Const members. */
struct ct_dpif_tuple tuple_orig;
struct ct_dpif_tuple tuple_reply;
- struct ct_dpif_tuple tuple_master;
+ struct ct_dpif_tuple tuple_primary;
struct ct_dpif_helper helper;
uint32_t id;
uint16_t zone;
@@ -2794,7 +2794,7 @@ actions=clone(load:0->NXM_OF_IN_PORT[],output:123)
connection), or be of different protocol (i.e., when an ICMP response
is sent to an UDP packet). In case of related connections, e.g., an
FTP data connection, the original direction tuple contains the
- original direction headers from the master connection, e.g., an FTP
+ original direction headers from the primary connection, e.g., an FTP
control connection.
</p>
@@ -237,7 +237,7 @@ nl_ct_flush(void)
ofpbuf_uninit(&buf);
/* Expectations are flushed automatically, because they do not
- * have a master connection anymore */
+ * have a primary connection anymore */
return err;
}
@@ -344,7 +344,7 @@ nl_ct_flush_zone(uint16_t flush_zone)
ofpbuf_uninit(&buf);
/* Expectations are flushed automatically, because they do not
- * have a master connection anymore */
+ * have a primary connection anymore */
return 0;
}
#endif
@@ -1263,7 +1263,7 @@ nl_ct_attrs_to_ct_dpif_entry(struct ct_dpif_entry *entry,
return false;
}
if (attrs[CTA_TUPLE_MASTER] &&
- !nl_ct_parse_tuple(attrs[CTA_TUPLE_MASTER], &entry->tuple_master,
+ !nl_ct_parse_tuple(attrs[CTA_TUPLE_MASTER], &entry->tuple_primary,
nfgen_family)) {
return false;
}
@@ -9525,7 +9525,7 @@ dnl Non-REPLY/RELATED packets get the ACL lookup with the packet headers
dnl in the actual packet direction in reg0 (IN=1, OUT=2). REPLY packets
dnl get the ACL lookup using the conntrack tuple and the inverted direction.
dnl RELATED packets get ACL lookup using the conntrack tuple in the direction
-dnl of the master connection, as storted in ct_mark.
+dnl of the primary connection, as storted in ct_mark.
dnl
dnl Incoming non-related packet in the original direction (ACL IN)
table=1 reg3=1, ip, ct_state=-rel-rpl+trk-inv action=set_field:1->reg0,resubmit(,3),goto_table:5
@@ -9536,7 +9536,7 @@ table=1 reg3=2, ip, ct_state=-rel-rpl+trk-inv action=set_field:2->reg0,resubmit(
dnl Outgoing non-related reply packet (CT ACL IN)
table=1 reg3=2, ip, ct_state=-rel+rpl+trk-inv action=set_field:1->reg0,resubmit(,3,ct),goto_table:4
dnl
-dnl Related packet (CT ACL in the direction of the master connection.)
+dnl Related packet (CT ACL in the direction of the primary connection.)
table=1 ip, ct_state=+rel+trk-inv, action=move:NXM_NX_CT_MARK[[]]->NXM_NX_REG0[[]],resubmit(,3,ct),goto_table:4
dnl Drop everything else.
table=1 priority=0, action=drop
@@ -9569,7 +9569,7 @@ table=5 reg2=0 priority=1000 action=drop
dnl Commit new non-related IP connections.
table=5 priority=10 reg2=1 ct_state=+new-rel, ip, action=ct(zone=NXM_NX_REG4[[0..15]],commit,exec(move:NXM_NX_REG3[[0..31]]->NXM_NX_CT_MARK[[0..31]],move:NXM_NX_REG1[[0..31]]->NXM_NX_CT_LABEL[[96..127]])),goto_table:6
dnl Commit new related connections in either direction, which inherit the mark
-dnl (the direction of the original direction master tuple) from the master
+dnl (the direction of the original direction primary tuple) from the primary
dnl connection.
table=5 priority=10 reg2=1 ct_state=+new+rel, ip, action=ct(zone=NXM_NX_REG4[[0..15]],commit,exec(move:NXM_NX_REG1[[0..31]]->NXM_NX_CT_LABEL[[96..127]])),goto_table:6
dnl Forward everything else, including stateless accepts.
@@ -4818,7 +4818,7 @@ dnl Non-REPLY/RELATED packets get the ACL lookup with the packet headers
dnl in the actual packet direction in reg0 (IN=1, OUT=2). REPLY packets
dnl get the ACL lookup using the conntrack tuple and the inverted direction.
dnl RELATED packets get ACL lookup using the conntrack tuple in the direction
-dnl of the master connection, as stored in ct_label[0].
+dnl of the primary connection, as stored in ct_label[0].
dnl
dnl Incoming non-related packet in the original direction (ACL IN)
table=1 reg3=1, ip, ct_state=-rel-rpl+trk-inv action=set_field:1->reg0,resubmit(,3),goto_table:5
@@ -4829,7 +4829,7 @@ table=1 reg3=2, ip, ct_state=-rel-rpl+trk-inv action=set_field:2->reg0,resubmit(
dnl Outgoing non-related reply packet (CT ACL IN)
table=1 reg3=2, ip, ct_state=-rel+rpl+trk-inv action=set_field:1->reg0,resubmit(,3,ct),goto_table:4
dnl
-dnl Related packet (CT ACL in the direction of the master connection.)
+dnl Related packet (CT ACL in the direction of the primary connection.)
table=1 ip, ct_state=+rel+trk-inv, action=move:NXM_NX_CT_LABEL[[0]]->NXM_NX_REG0[[0]],resubmit(,3,ct),goto_table:4
dnl Drop everything else.
table=1 priority=0, action=drop
@@ -4871,7 +4871,7 @@ dnl (This should not get any packets in this test.)
table=5 priority=10 reg2=1 reg3=2 ct_state=+new-rel, ip, action=ct(zone=NXM_NX_REG4[[0..15]],commit,nat(dst=$2),exec(move:NXM_NX_REG3[[0]]->NXM_NX_CT_LABEL[[0]],move:NXM_NX_REG1[[0..31]]->NXM_NX_CT_LABEL[[96..127]])),goto_table:6
dnl Commit new related connections in either direction, which need 'nat'
dnl and which inherit the label (the direction of the original direction
-dnl master tuple) from the master connection.
+dnl primary tuple) from the primary connection.
table=5 priority=10 reg2=1 ct_state=+new+rel, ip, action=ct(zone=NXM_NX_REG4[[0..15]],commit,nat,exec(move:NXM_NX_REG1[[0..31]]->NXM_NX_CT_LABEL[[96..127]])),goto_table:6
dnl
dnl NAT incoming non-NEW packets. Outgoing packets were NATted in table 0.
Signed-off-by: Ben Pfaff <blp@ovn.org> --- include/openvswitch/meta-flow.h | 14 +++---- lib/conntrack-private.h | 10 ++--- lib/conntrack.c | 74 ++++++++++++++++----------------- lib/ct-dpif.c | 6 +-- lib/ct-dpif.h | 2 +- lib/meta-flow.xml | 2 +- lib/netlink-conntrack.c | 6 +-- tests/ofproto-dpif.at | 6 +-- tests/system-traffic.at | 6 +-- 9 files changed, 63 insertions(+), 63 deletions(-)