Userspace Datapath: Add ALG infra and FTP.

ALG infra and FTP (both V4 and V6) support is added to the userspace
datapath.  Also, NAT support is included.

Signed-off-by: Darrell Ball <dlu998@gmail.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>

lib/conntrack-private.h

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2015, 2016 Nicira, Inc.
+ * Copyright (c) 2015, 2016, 2017 Nicira, Inc.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -46,14 +46,15 @@ struct ct_endpoint {
  * hashing in ct_endpoint_hash_add(). */
 BUILD_ASSERT_DECL(sizeof(struct ct_endpoint) == sizeof(struct ct_addr) + 4);
 
-/* Changes to this structure need to be reflected in conn_key_hash() */
+/* Changes to this structure need to be reflected in conn_key_hash()
+ * and conn_key_cmp(). */
 struct conn_key {
     struct ct_endpoint src;
     struct ct_endpoint dst;
 
     ovs_be16 dl_type;
-    uint8_t nw_proto;
     uint16_t zone;
+    uint8_t nw_proto;
 };
 
 struct nat_conn_key_node {
@@ -62,17 +63,50 @@ struct nat_conn_key_node {
     struct conn_key value;
 };
 
+/* This is used for alg expectations; an expectation is a
+ * context created in preparation for establishing a data
+ * connection. The expectation is created by the control
+ * connection. */
+struct alg_exp_node {
+    struct hmap_node node;
+    /* Expiry list node for an expectation. */
+    struct ovs_list exp_node;
+    /* The time when this expectation will expire. */
+    long long expiration;
+    /* Key of data connection to be created. */
+    struct conn_key key;
+    /* Corresponding key of the control connection. */
+    struct conn_key master_key;
+    /* The NAT replacement address to be used by the data connection. */
+    struct ct_addr alg_nat_repl_addr;
+    /* The data connection inherits the master control
+     * connection label and mark. */
+    ovs_u128 master_label;
+    uint32_t master_mark;
+    /* True if the expectation is for passive mode, as is
+     * one option for FTP. */
+    bool passive_mode;
+};
+
 struct conn {
     struct conn_key key;
     struct conn_key rev_key;
+    /* Only used for orig_tuple support. */
+    struct conn_key master_key;
     long long expiration;
     struct ovs_list exp_node;
     struct hmap_node node;
     ovs_u128 label;
     /* XXX: consider flattening. */
     struct nat_action_info_t *nat_info;
+    char *alg;
+    int seq_skew;
     uint32_t mark;
     uint8_t conn_type;
+    /* TCP sequence skew due to NATTing of FTP control messages. */
+    uint8_t seq_skew_dir;
+    /* True if alg data connection. */
+    uint8_t alg_related;
 };
 
 enum ct_update_res {

lib/conntrack.h

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2015, 2016 Nicira, Inc.
+ * Copyright (c) 2015, 2016, 2017 Nicira, Inc.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -267,9 +267,17 @@ struct conntrack {
     /* The following resources are referenced during nat connection
      * creation and deletion. */
     struct hmap nat_conn_keys OVS_GUARDED;
+    /* Hash table for alg expectations. Expectations are created
+     * by control connections to help create data connections. */
+    struct hmap alg_expectations OVS_GUARDED;
+    /* Expiry list for alg expectations. */
+    struct ovs_list alg_exp_list OVS_GUARDED;
     /* This lock is used during NAT connection creation and deletion;
      * it is taken after a bucket lock and given back before that
      * bucket unlock.
+     * This lock is similarly used to guard alg_expectations and
+     * alg_exp_list. If a bucket lock is also held during the normal
+     * code flow, then is must be taken first first and released last.
      */
     struct ct_rwlock resources_lock;