-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathISSUES
52 lines (48 loc) · 3.25 KB
/
ISSUES
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
* Check function class that returns Object to see whether we can use references
* Change enums to static class members
* Replace direct access to FieldOperation members by getters & setters
!* What happens in case of consecutive ranged write + write conditions?
--> a write condition has to mention which element wrote it
!* Write range -> replace by DisjointSegmentList?
--> RoundRobinIPMapper takes discrete inputs
!* Add "Unsupported Elements" category ==> allow to use unsupported elements anyway
--> can still look at (if it applies) the modified/read fields
BUG:
* FromDevice leads to incorrect classifier
* !(ip ttl 5 or ip vers < 6) cannot be correctly translated to packet filter because of the negation
* ((dst net 10.0.0.0/24) and (dst port 80)) cannot be correctly translated to packet filter because of the parantheses.
* Some traffic classes end up to be discarded because we cannot find a correct EtherEncap element. They also have incorrect settings in the IPSynthesizer.
* Test using input/tests/metron.prop
TODO:
* When the IPRewriter configuration is empty, no need to generate IPRewriter.
* Lazy subtraction sometimes leads to superfluous rules that can be greatly simplified.
E.g., dst net 10.0.0.1/16 && !(dst net 20.0.0.1/24) --> dst net 10.0.0.1/16
* Fix style issues according to segment_list
* if Click prefix != /usr/local/bin SNF compilation fails because it cannot detect the custom Click path
* The upper bound of a filter must not be MAX uint32_t but adjusted to the header field's upper bound (e.g., port <= 65535).
* add ID to all elements
* add pointer->element in Write operations
* Identify comments in active lines of the SNF language
* Make IPSynthesizer IPRwriter's child and extend properly
* Direct both directions of a proxy/NAT to the same IPClassifier
* IPSynthesizer should batch packets even if they are fragmented by the internal IPFragmenter
* 3rd pattern of Synthesizer does not have keyword
* Empty classifiers are generated in case of stateful chains with more than 2 interfaces
* Use m4/snf.m4 to apply system checks (e.g., CXX compiler, CLICK, DPDK) and alleviate configure.ac
FIXED:
* ip_filter_parser had duplicate pf_vec_to_str. Now it has one
* ip_filter_parser BUG: In filter_from_src/dst_option; goto was used only in case Option::SRC/DST_UDP_PORT (not for TCP). Now it is used on both
* ip_filter_parser BUG: In filter_from_icmp_option, header field was IP src instead of icmp_type
* output_class.cpp BUG: In output_class_from_pattern, the destination IP part was using header field IP SRC. Now it uses IP dst
* click_element.cpp BUG: In parse_lookup_filter, parsed_prefixes were created using ip_src instead of ip_dst. Fixed
* output_class.cpp FEATURE: A guard condition is added in port_from_lookup_rule to prevent header fields that are different from ip_dst
* parse_value can now identify the case when a primitive can also become a value. E.g., ip proto tcp --> tcp is a primitive but here acts as a value
* Traffic classes created without an output interface are now properly asserted. Also, the way this is done is more robust
###################
# Element support #
###################
* DecIPTTL -> MULTICAST keyword
* IPRewriter options
* IPOutCombo
* ARPResponder/ARPQuerier
* More support for Classifier