diff options
| author | Kristof Provost <kp@FreeBSD.org> | 2019-03-04 18:15:06 +0000 |
|---|---|---|
| committer | Kristof Provost <kp@FreeBSD.org> | 2019-03-04 18:15:06 +0000 |
| commit | 06aac31aecb6028d346abc6b6cd54f58c12a1a32 (patch) | |
| tree | c05689396d844064e92834b4a0b6c55010d5abf0 | |
| parent | 01c27978f5616fa21ef5e6c3fef6c5d9139c1a66 (diff) | |
Notes
| -rw-r--r-- | tests/sys/Makefile | 2 | ||||
| -rw-r--r-- | tests/sys/common/Makefile | 7 | ||||
| -rw-r--r-- | tests/sys/common/vnet.subr | 51 | ||||
| -rw-r--r-- | tests/sys/netipsec/tunnel/utils.subr | 63 | ||||
| -rwxr-xr-x | tests/sys/netpfil/pf/anchor.sh | 4 | ||||
| -rwxr-xr-x | tests/sys/netpfil/pf/forward.sh | 12 | ||||
| -rwxr-xr-x | tests/sys/netpfil/pf/fragmentation.sh | 12 | ||||
| -rwxr-xr-x | tests/sys/netpfil/pf/names.sh | 4 | ||||
| -rwxr-xr-x | tests/sys/netpfil/pf/nat.sh | 8 | ||||
| -rwxr-xr-x | tests/sys/netpfil/pf/pass_block.sh | 12 | ||||
| -rwxr-xr-x | tests/sys/netpfil/pf/pfsync.sh | 10 | ||||
| -rwxr-xr-x | tests/sys/netpfil/pf/rdr.sh | 4 | ||||
| -rwxr-xr-x | tests/sys/netpfil/pf/route_to.sh | 12 | ||||
| -rwxr-xr-x | tests/sys/netpfil/pf/set_skip.sh | 4 | ||||
| -rwxr-xr-x | tests/sys/netpfil/pf/set_tos.sh | 6 | ||||
| -rwxr-xr-x | tests/sys/netpfil/pf/synproxy.sh | 8 | ||||
| -rw-r--r-- | tests/sys/netpfil/pf/utils.subr | 46 |
17 files changed, 126 insertions, 139 deletions
diff --git a/tests/sys/Makefile b/tests/sys/Makefile index 0907ffa58ad3f..f8f6ff3925e35 100644 --- a/tests/sys/Makefile +++ b/tests/sys/Makefile @@ -39,4 +39,6 @@ _cddl= cddl # Items not integrated into kyua runs by default SUBDIR+= pjdfstest +SUBDIR+= common + .include <bsd.test.mk> diff --git a/tests/sys/common/Makefile b/tests/sys/common/Makefile new file mode 100644 index 0000000000000..4a5d6d584fde3 --- /dev/null +++ b/tests/sys/common/Makefile @@ -0,0 +1,7 @@ +# $FreeBSD$ + +PACKAGE= common +TESTSDIR= ${TESTSBASE}/sys/common +${PACKAGE}FILES+= vnet.subr + +.include <bsd.test.mk> diff --git a/tests/sys/common/vnet.subr b/tests/sys/common/vnet.subr new file mode 100644 index 0000000000000..53b387ec07e53 --- /dev/null +++ b/tests/sys/common/vnet.subr @@ -0,0 +1,51 @@ +# $FreeBSD$ +# VNAT/jail utility functions +## + +vnet_init() +{ + if [ "`sysctl -i -n kern.features.vimage`" != 1 ]; then + atf_skip "This test requires VIMAGE" + fi +} + +vnet_mkepair() +{ + ifname=$(ifconfig epair create) + echo $ifname >> created_interfaces.lst + echo ${ifname%a} +} + +vnet_mkjail() +{ + jailname=$1 + shift + + vnet_interfaces= + for ifname in $@ + do + vnet_interfaces="${vnet_interfaces} vnet.interface=${ifname}" + done + jail -c name=${jailname} persist vnet ${vnet_interfaces} + + echo $jailname >> created_jails.lst +} + +vnet_cleanup() +{ + if [ -f created_jails.lst ]; then + for jailname in `cat created_jails.lst` + do + jail -r ${jailname} + done + rm created_jails.lst + fi + + if [ -f created_interfaces.lst ]; then + for ifname in `cat created_interfaces.lst` + do + ifconfig ${ifname} destroy + done + rm created_interfaces.lst + fi +} diff --git a/tests/sys/netipsec/tunnel/utils.subr b/tests/sys/netipsec/tunnel/utils.subr index 4800b73510aa2..3d6da3f35cccd 100644 --- a/tests/sys/netipsec/tunnel/utils.subr +++ b/tests/sys/netipsec/tunnel/utils.subr @@ -4,51 +4,29 @@ : ${TMPDIR=/tmp} -ist_init() -{ - if [ "$(sysctl -i -n kern.features.vimage)" != 1 ]; then - atf_skip "This test requires VIMAGE" - fi -} - -pft_mkepair() -{ - ifname=$(ifconfig epair create) - echo $ifname >> created_interfaces.lst - echo ${ifname%a} -} +. $(atf_get_srcdir)/../../common/vnet.subr -pft_mkjail() +ist_init() { - jailname=$1 - shift - - vnet_interfaces= - for ifname in $@ - do - vnet_interfaces="${vnet_interfaces} vnet.interface=${ifname}" - done - jail -c name=${jailname} persist vnet ${vnet_interfaces} - - echo $jailname >> created_jails.lst + vnet_init } ist_labsetup () { - epair_LAN_A=$(pft_mkepair) + epair_LAN_A=$(vnet_mkepair) ifconfig ${epair_LAN_A}a up - epair_PUB_A=$(pft_mkepair) + epair_PUB_A=$(vnet_mkepair) ifconfig ${epair_PUB_A}a up - epair_LAN_B=$(pft_mkepair) + epair_LAN_B=$(vnet_mkepair) ifconfig ${epair_LAN_B}a up - epair_PUB_B=$(pft_mkepair) + epair_PUB_B=$(vnet_mkepair) ifconfig ${epair_PUB_B}a up - pft_mkjail hostA ${epair_LAN_A}a - pft_mkjail ipsecA ${epair_LAN_A}b ${epair_PUB_A}a - pft_mkjail router ${epair_PUB_A}b ${epair_PUB_B}b - pft_mkjail ipsecB ${epair_LAN_B}b ${epair_PUB_B}a - pft_mkjail hostB ${epair_LAN_B}a + vnet_mkjail hostA ${epair_LAN_A}a + vnet_mkjail ipsecA ${epair_LAN_A}b ${epair_PUB_A}a + vnet_mkjail router ${epair_PUB_A}b ${epair_PUB_B}b + vnet_mkjail ipsecB ${epair_LAN_B}b ${epair_PUB_B}a + vnet_mkjail hostB ${epair_LAN_B}a } ist_v4_setup () @@ -147,20 +125,5 @@ ist_test() } ist_cleanup() { - if [ -f created_jails.lst ]; then - for jailname in $(cat created_jails.lst) - do - jail -r ${jailname} - rm -f ${TMPDIR}/ipsec.${jailname}.conf - done - rm created_jails.lst - fi - - if [ -f created_interfaces.lst ]; then - for ifname in $(cat created_interfaces.lst) - do - ifconfig ${ifname} destroy - done - rm created_interfaces.lst - fi + vnet_cleanup } diff --git a/tests/sys/netpfil/pf/anchor.sh b/tests/sys/netpfil/pf/anchor.sh index 4afb59ad04784..93a7d62c79183 100755 --- a/tests/sys/netpfil/pf/anchor.sh +++ b/tests/sys/netpfil/pf/anchor.sh @@ -13,8 +13,8 @@ pr183198_body() { pft_init - epair=$(pft_mkepair) - pft_mkjail alcatraz ${epair}b + epair=$(vnet_mkepair) + vnet_mkjail alcatraz ${epair}b jexec alcatraz pfctl -e # Forward with pf enabled diff --git a/tests/sys/netpfil/pf/forward.sh b/tests/sys/netpfil/pf/forward.sh index a41ff8934a836..0c97d9601cdc8 100755 --- a/tests/sys/netpfil/pf/forward.sh +++ b/tests/sys/netpfil/pf/forward.sh @@ -16,13 +16,13 @@ v4_body() { pft_init - epair_send=$(pft_mkepair) + epair_send=$(vnet_mkepair) ifconfig ${epair_send}a 192.0.2.1/24 up - epair_recv=$(pft_mkepair) + epair_recv=$(vnet_mkepair) ifconfig ${epair_recv}a up - pft_mkjail alcatraz ${epair_send}b ${epair_recv}b + vnet_mkjail alcatraz ${epair_send}b ${epair_recv}b jexec alcatraz ifconfig ${epair_send}b 192.0.2.2/24 up jexec alcatraz ifconfig ${epair_recv}b 198.51.100.2/24 up jexec alcatraz sysctl net.inet.ip.forwarding=1 @@ -75,13 +75,13 @@ v6_body() { pft_init - epair_send=$(pft_mkepair) - epair_recv=$(pft_mkepair) + epair_send=$(vnet_mkepair) + epair_recv=$(vnet_mkepair) ifconfig ${epair_send}a inet6 2001:db8:42::1/64 up no_dad -ifdisabled ifconfig ${epair_recv}a up - pft_mkjail alcatraz ${epair_send}b ${epair_recv}b + vnet_mkjail alcatraz ${epair_send}b ${epair_recv}b jexec alcatraz ifconfig ${epair_send}b inet6 2001:db8:42::2/64 up no_dad jexec alcatraz ifconfig ${epair_recv}b inet6 2001:db8:43::2/64 up no_dad diff --git a/tests/sys/netpfil/pf/fragmentation.sh b/tests/sys/netpfil/pf/fragmentation.sh index 09f4ad85c0820..943c76e478f31 100755 --- a/tests/sys/netpfil/pf/fragmentation.sh +++ b/tests/sys/netpfil/pf/fragmentation.sh @@ -14,8 +14,8 @@ too_many_fragments_body() { pft_init - epair=$(pft_mkepair) - pft_mkjail alcatraz ${epair}a + epair=$(vnet_mkepair) + vnet_mkjail alcatraz ${epair}a ifconfig ${epair}b inet 192.0.2.1/24 up jexec alcatraz ifconfig ${epair}a 192.0.2.2/24 up @@ -57,11 +57,11 @@ v6_body() { pft_init - epair_send=$(pft_mkepair) - epair_link=$(pft_mkepair) + epair_send=$(vnet_mkepair) + epair_link=$(vnet_mkepair) - pft_mkjail alcatraz ${epair_send}b ${epair_link}a - pft_mkjail singsing ${epair_link}b + vnet_mkjail alcatraz ${epair_send}b ${epair_link}a + vnet_mkjail singsing ${epair_link}b ifconfig ${epair_send}a inet6 2001:db8:42::1/64 no_dad up diff --git a/tests/sys/netpfil/pf/names.sh b/tests/sys/netpfil/pf/names.sh index f73a149f8e909..039383a191b45 100755 --- a/tests/sys/netpfil/pf/names.sh +++ b/tests/sys/netpfil/pf/names.sh @@ -13,9 +13,9 @@ names_body() { pft_init - epair=$(pft_mkepair) + epair=$(vnet_mkepair) - pft_mkjail alcatraz ${epair}b + vnet_mkjail alcatraz ${epair}b ifconfig ${epair}a name foo jexec alcatraz ifconfig ${epair}b name foo diff --git a/tests/sys/netpfil/pf/nat.sh b/tests/sys/netpfil/pf/nat.sh index 57ea1c96ff2b8..6ce84310ce846 100755 --- a/tests/sys/netpfil/pf/nat.sh +++ b/tests/sys/netpfil/pf/nat.sh @@ -13,11 +13,11 @@ exhaust_body() { pft_init - epair_nat=$(pft_mkepair) - epair_echo=$(pft_mkepair) + epair_nat=$(vnet_mkepair) + epair_echo=$(vnet_mkepair) - pft_mkjail nat ${epair_nat}b ${epair_echo}a - pft_mkjail echo ${epair_echo}b + vnet_mkjail nat ${epair_nat}b ${epair_echo}a + vnet_mkjail echo ${epair_echo}b ifconfig ${epair_nat}a 192.0.2.2/24 up route add -net 198.51.100.0/24 192.0.2.1 diff --git a/tests/sys/netpfil/pf/pass_block.sh b/tests/sys/netpfil/pf/pass_block.sh index 14c26b6d5f0dd..ee7430acdc328 100755 --- a/tests/sys/netpfil/pf/pass_block.sh +++ b/tests/sys/netpfil/pf/pass_block.sh @@ -13,11 +13,11 @@ v4_body() { pft_init - epair=$(pft_mkepair) + epair=$(vnet_mkepair) ifconfig ${epair}a 192.0.2.1/24 up # Set up a simple jail with one interface - pft_mkjail alcatraz ${epair}b + vnet_mkjail alcatraz ${epair}b jexec alcatraz ifconfig ${epair}b 192.0.2.2/24 up # Trivial ping to the jail, without pf @@ -52,11 +52,11 @@ v6_body() { pft_init - epair=$(pft_mkepair) + epair=$(vnet_mkepair) ifconfig ${epair}a inet6 2001:db8:42::1/64 up no_dad # Set up a simple jail with one interface - pft_mkjail alcatraz ${epair}b + vnet_mkjail alcatraz ${epair}b jexec alcatraz ifconfig ${epair}b inet6 2001:db8:42::2/64 up no_dad # Trivial ping to the jail, without pf @@ -95,10 +95,10 @@ noalias_body() { pft_init - epair=$(pft_mkepair) + epair=$(vnet_mkepair) ifconfig ${epair}a inet6 2001:db8:42::1/64 up no_dad - pft_mkjail alcatraz ${epair}b + vnet_mkjail alcatraz ${epair}b jexec alcatraz ifconfig ${epair}b inet6 2001:db8:42::2/64 up no_dad linklocaladdr=$(jexec alcatraz ifconfig ${epair}b inet6 \ diff --git a/tests/sys/netpfil/pf/pfsync.sh b/tests/sys/netpfil/pf/pfsync.sh index 17b73a0f098b7..95209b832c621 100755 --- a/tests/sys/netpfil/pf/pfsync.sh +++ b/tests/sys/netpfil/pf/pfsync.sh @@ -19,12 +19,12 @@ common_body() defer=$1 pfsynct_init - epair_sync=$(pft_mkepair) - epair_one=$(pft_mkepair) - epair_two=$(pft_mkepair) + epair_sync=$(vnet_mkepair) + epair_one=$(vnet_mkepair) + epair_two=$(vnet_mkepair) - pft_mkjail one ${epair_one}a ${epair_sync}a - pft_mkjail two ${epair_two}a ${epair_sync}b + vnet_mkjail one ${epair_one}a ${epair_sync}a + vnet_mkjail two ${epair_two}a ${epair_sync}b # pfsync interface jexec one ifconfig ${epair_sync}a 192.0.2.1/24 up diff --git a/tests/sys/netpfil/pf/rdr.sh b/tests/sys/netpfil/pf/rdr.sh index 4f0aeebc9212d..845ca2d05c95b 100755 --- a/tests/sys/netpfil/pf/rdr.sh +++ b/tests/sys/netpfil/pf/rdr.sh @@ -13,9 +13,9 @@ basic_body() { pft_init - epair=$(pft_mkepair) + epair=$(vnet_mkepair) - pft_mkjail alcatraz ${epair}b + vnet_mkjail alcatraz ${epair}b ifconfig ${epair}a 192.0.2.2/24 up route add -net 198.51.100.0/24 192.0.2.1 diff --git a/tests/sys/netpfil/pf/route_to.sh b/tests/sys/netpfil/pf/route_to.sh index 1d36941ddb6f3..a714e0588a9f3 100755 --- a/tests/sys/netpfil/pf/route_to.sh +++ b/tests/sys/netpfil/pf/route_to.sh @@ -13,12 +13,12 @@ v4_body() { pft_init - epair_send=$(pft_mkepair) + epair_send=$(vnet_mkepair) ifconfig ${epair_send}a 192.0.2.1/24 up - epair_route=$(pft_mkepair) + epair_route=$(vnet_mkepair) ifconfig ${epair_route}a 203.0.113.1/24 up - pft_mkjail alcatraz ${epair_send}b ${epair_route}b + vnet_mkjail alcatraz ${epair_send}b ${epair_route}b jexec alcatraz ifconfig ${epair_send}b 192.0.2.2/24 up jexec alcatraz ifconfig ${epair_route}b 203.0.113.2/24 up jexec alcatraz route add -net 198.51.100.0/24 192.0.2.1 @@ -49,12 +49,12 @@ v6_body() { pft_init - epair_send=$(pft_mkepair) + epair_send=$(vnet_mkepair) ifconfig ${epair_send}a inet6 2001:db8:42::1/64 up no_dad -ifdisabled - epair_route=$(pft_mkepair) + epair_route=$(vnet_mkepair) ifconfig ${epair_route}a inet6 2001:db8:43::1/64 up no_dad -ifdisabled - pft_mkjail alcatraz ${epair_send}b ${epair_route}b + vnet_mkjail alcatraz ${epair_send}b ${epair_route}b jexec alcatraz ifconfig ${epair_send}b inet6 2001:db8:42::2/64 up no_dad jexec alcatraz ifconfig ${epair_route}b inet6 2001:db8:43::2/64 up no_dad jexec alcatraz route add -6 2001:db8:666::/64 2001:db8:42::2 diff --git a/tests/sys/netpfil/pf/set_skip.sh b/tests/sys/netpfil/pf/set_skip.sh index 611eca9d67100..d9d04025655ea 100755 --- a/tests/sys/netpfil/pf/set_skip.sh +++ b/tests/sys/netpfil/pf/set_skip.sh @@ -14,7 +14,7 @@ set_skip_group_body() # See PR 229241 pft_init - pft_mkjail alcatraz + vnet_mkjail alcatraz jexec alcatraz ifconfig lo0 127.0.0.1/8 up jexec alcatraz ifconfig lo0 group foo jexec alcatraz pfctl -e @@ -42,7 +42,7 @@ set_skip_group_lo_body() # See PR 229241 pft_init - pft_mkjail alcatraz + vnet_mkjail alcatraz jexec alcatraz ifconfig lo0 127.0.0.1/8 up jexec alcatraz pfctl -e pft_set_rules alcatraz "set skip on lo" \ diff --git a/tests/sys/netpfil/pf/set_tos.sh b/tests/sys/netpfil/pf/set_tos.sh index 5e56b7ceb6563..246c7e1724da6 100755 --- a/tests/sys/netpfil/pf/set_tos.sh +++ b/tests/sys/netpfil/pf/set_tos.sh @@ -16,13 +16,13 @@ v4_body() { pft_init - epair_send=$(pft_mkepair) + epair_send=$(vnet_mkepair) ifconfig ${epair_send}a 192.0.2.1/24 up - epair_recv=$(pft_mkepair) + epair_recv=$(vnet_mkepair) ifconfig ${epair_recv}a up - pft_mkjail alcatraz ${epair_send}b ${epair_recv}b + vnet_mkjail alcatraz ${epair_send}b ${epair_recv}b jexec alcatraz ifconfig ${epair_send}b 192.0.2.2/24 up jexec alcatraz ifconfig ${epair_recv}b 198.51.100.2/24 up jexec alcatraz sysctl net.inet.ip.forwarding=1 diff --git a/tests/sys/netpfil/pf/synproxy.sh b/tests/sys/netpfil/pf/synproxy.sh index 5d79dbac9d111..bb4161f58d42d 100755 --- a/tests/sys/netpfil/pf/synproxy.sh +++ b/tests/sys/netpfil/pf/synproxy.sh @@ -13,18 +13,18 @@ synproxy_body() { pft_init - epair=$(pft_mkepair) + epair=$(vnet_mkepair) ifconfig ${epair}a 192.0.2.1/24 up route add -net 198.51.100.0/24 192.0.2.2 - link=$(pft_mkepair) + link=$(vnet_mkepair) - pft_mkjail alcatraz ${epair}b ${link}a + vnet_mkjail alcatraz ${epair}b ${link}a jexec alcatraz ifconfig ${epair}b 192.0.2.2/24 up jexec alcatraz ifconfig ${link}a 198.51.100.1/24 up jexec alcatraz sysctl net.inet.ip.forwarding=1 - pft_mkjail singsing ${link}b + vnet_mkjail singsing ${link}b jexec singsing ifconfig ${link}b 198.51.100.2/24 up jexec singsing route add default 198.51.100.1 diff --git a/tests/sys/netpfil/pf/utils.subr b/tests/sys/netpfil/pf/utils.subr index 50a7de0611f89..915aba318d18c 100644 --- a/tests/sys/netpfil/pf/utils.subr +++ b/tests/sys/netpfil/pf/utils.subr @@ -2,15 +2,15 @@ # Utility functions ## +. $(atf_get_srcdir)/../../common/vnet.subr + pft_init() { + vnet_init + if [ ! -c /dev/pf ]; then atf_skip "This test requires pf" fi - - if [ "`sysctl -i -n kern.features.vimage`" != 1 ]; then - atf_skip "This test requires VIMAGE" - fi } pfsynct_init() @@ -22,28 +22,6 @@ pfsynct_init() fi } -pft_mkepair() -{ - ifname=$(ifconfig epair create) - echo $ifname >> created_interfaces.lst - echo ${ifname%a} -} - -pft_mkjail() -{ - jailname=$1 - shift - - vnet_interfaces= - for ifname in $@ - do - vnet_interfaces="${vnet_interfaces} vnet.interface=${ifname}" - done - jail -c name=${jailname} persist vnet ${vnet_interfaces} - - echo $jailname >> created_jails.lst -} - pft_set_rules() { jname=$1 @@ -66,21 +44,7 @@ pft_set_rules() pft_cleanup() { - if [ -f created_jails.lst ]; then - for jailname in `cat created_jails.lst` - do - jail -r ${jailname} - done - rm created_jails.lst - fi - - if [ -f created_interfaces.lst ]; then - for ifname in `cat created_interfaces.lst` - do - ifconfig ${ifname} destroy - done - rm created_interfaces.lst - fi + vnet_cleanup } pfsynct_cleanup() |