pcn-iptables: no counters for the default action when there are no rules in the chain

[acloudiator]

pcn-iptables adopts some optimizations to skip the pipeline when no rules are instantiated in the target chain. In particular, the Chain Logic module sets the PASS_LABELING label, which is used by the subsequent modules to understand the situation and act consequently. However, I noticed that in this case, even though the system behaves correctly, it doesn't update the counters for the default action that is matched.

The issue can be easily reproduced by starting pcn-iptables without any rule and then send traffic to the INPUT or FORWARD chain.

• Sebastiano

[mbertrone]

If no rules in INPUT and FORWARD chain, we apply optimization to skip ChainLogic, applying PASS_LABELING label to the packet.

IMO we have 3 possible solutions: A) Keep this optimization, without update counters. B) Keep this optimization, updating INPUT counters, that could be not always correct. E.g. half traffic goes through INPUT and half goes to FORWARD, so we have wrong counters. C) Remove this optimization, with some performance loss, and update counters independently for INPUT and FORWARD chains, after [1] ChainLogic lookup.

@goldenrye [2], suggested to keep track of the issue, without removing optimization (A).

Any further suggestions?

[1] https://github.com/polycube-network/polycube/blame/106ece0232987bec295bda6419f1151aaf3473a8/src/services/pcn-iptables/src/datapaths/Iptables_ChainSelector_dp.c#L154 [2] https://github.com/polycube-network/polycube/pull/41#discussion_r246864901