diff options
author | Alan Somers <asomers@FreeBSD.org> | 2017-02-22 23:57:22 +0000 |
---|---|---|
committer | Alan Somers <asomers@FreeBSD.org> | 2017-02-22 23:57:22 +0000 |
commit | 56a1ced0d59743d165d97f4cc51c1b37014e8399 (patch) | |
tree | 12906f0954dbb2ab8a17a026812d3764867c6504 /tests | |
parent | 84a6eddc43519d1a7f02e959efa41c9008d62eeb (diff) | |
download | src-56a1ced0d59743d165d97f4cc51c1b37014e8399.tar.gz src-56a1ced0d59743d165d97f4cc51c1b37014e8399.zip |
Notes
Diffstat (limited to 'tests')
-rwxr-xr-x | tests/sys/netinet/fibs_test.sh | 137 |
1 files changed, 77 insertions, 60 deletions
diff --git a/tests/sys/netinet/fibs_test.sh b/tests/sys/netinet/fibs_test.sh index 16213071baff..9a5a03d417d0 100755 --- a/tests/sys/netinet/fibs_test.sh +++ b/tests/sys/netinet/fibs_test.sh @@ -39,8 +39,7 @@ # arpresolve only checked the default route. # # Outline: -# Create two tap(4) interfaces -# Simulate a crossover cable between them by using net/socat +# Create two connected epair(4) interfaces # Use nping (from security/nmap) to send an ICMP echo request from one # interface to the other, spoofing the source IP. The source IP must be # spoofed, or else it will already have an entry in the arp table. @@ -51,7 +50,7 @@ arpresolve_checks_interface_fib_head() atf_set "descr" "arpresolve should check the interface fib, not the default fib, for routes" atf_set "require.user" "root" atf_set "require.config" "fibs" - atf_set "require.progs" "socat nping" + atf_set "require.progs" "nping" } arpresolve_checks_interface_fib_body() { @@ -74,19 +73,13 @@ arpresolve_checks_interface_fib_body() fi get_fibs 2 - # Configure TAP interfaces - setup_tap "$FIB0" inet ${ADDR0} ${MASK0} - TAP0=$TAP - setup_tap "$FIB1" inet ${ADDR1} ${MASK1} - TAP1=$TAP - - # Simulate a crossover cable - socat /dev/${TAP0} /dev/${TAP1} & - SOCAT_PID=$! - echo ${SOCAT_PID} >> "processes_to_kill" + # Configure epair interfaces + get_epair + setup_iface "$EPAIRA" "$FIB0" inet ${ADDR0} ${MASK0} + setup_iface "$EPAIRB" "$FIB1" inet ${ADDR1} ${MASK1} # Send an ICMP echo request with a spoofed source IP - setfib 2 nping -c 1 -e ${TAP0} -S ${SPOOF_ADDR} \ + setfib "$FIB0" nping -c 1 -e ${EPAIRA} -S ${SPOOF_ADDR} \ --source-mac ${SPOOF_MAC} --icmp --icmp-type "echo-request" \ --icmp-code 0 --icmp-id 0xdead --icmp-seq 1 --data 0xbeef \ ${ADDR1} @@ -94,17 +87,11 @@ arpresolve_checks_interface_fib_body() # characteristic error message dmesg | grep "llinfo.*${SPOOF_ADDR}" # Check that the ARP entry exists - atf_check -o match:"${SPOOF_ADDR}.*expires" setfib 3 arp ${SPOOF_ADDR} + atf_check -o match:"${SPOOF_ADDR}.*expires" setfib "$FIB1" arp ${SPOOF_ADDR} } arpresolve_checks_interface_fib_cleanup() { - if [ -f processes_to_kill ]; then - for pid in $(cat processes_to_kill); do - kill "${pid}" - done - rm -f processes_to_kill - fi - cleanup_tap + cleanup_ifaces } @@ -163,7 +150,7 @@ loopback_and_network_routes_on_nondefault_fib_body() loopback_and_network_routes_on_nondefault_fib_cleanup() { - cleanup_tap + cleanup_ifaces } atf_test_case loopback_and_network_routes_on_nondefault_fib_inet6 cleanup @@ -221,7 +208,7 @@ loopback_and_network_routes_on_nondefault_fib_inet6_body() loopback_and_network_routes_on_nondefault_fib_inet6_cleanup() { - cleanup_tap + cleanup_ifaces } @@ -270,7 +257,7 @@ default_route_with_multiple_fibs_on_same_subnet_body() default_route_with_multiple_fibs_on_same_subnet_cleanup() { - cleanup_tap + cleanup_ifaces } atf_test_case default_route_with_multiple_fibs_on_same_subnet_inet6 cleanup @@ -317,7 +304,7 @@ default_route_with_multiple_fibs_on_same_subnet_inet6_body() default_route_with_multiple_fibs_on_same_subnet_inet6_cleanup() { - cleanup_tap + cleanup_ifaces } @@ -357,7 +344,7 @@ same_ip_multiple_ifaces_fib0_body() } same_ip_multiple_ifaces_fib0_cleanup() { - cleanup_tap + cleanup_ifaces } # Regression test for PR kern/189088 @@ -408,7 +395,7 @@ same_ip_multiple_ifaces_cleanup() { # Due to PR kern/189088, we must destroy the interfaces in LIFO order # in order for the routes to be correctly cleaned up. - for TAPD in `tail -r "tap_devices_to_cleanup"`; do + for TAPD in `tail -r "ifaces_to_cleanup"`; do echo ifconfig ${TAPD} destroy ifconfig ${TAPD} destroy done @@ -453,7 +440,7 @@ same_ip_multiple_ifaces_inet6_body() } same_ip_multiple_ifaces_inet6_cleanup() { - cleanup_tap + cleanup_ifaces } # Regression test for kern/187550 @@ -491,7 +478,7 @@ subnet_route_with_multiple_fibs_on_same_subnet_body() subnet_route_with_multiple_fibs_on_same_subnet_cleanup() { - cleanup_tap + cleanup_ifaces } atf_test_case subnet_route_with_multiple_fibs_on_same_subnet_inet6 cleanup @@ -528,7 +515,7 @@ subnet_route_with_multiple_fibs_on_same_subnet_inet6_body() subnet_route_with_multiple_fibs_on_same_subnet_inet6_cleanup() { - cleanup_tap + cleanup_ifaces } # Test that source address selection works correctly for UDP packets with @@ -579,7 +566,7 @@ udp_dontroute_body() # return ENETUNREACH, or send the packet to the wrong tap atf_check -o ignore setfib ${FIB0} \ ${SRCDIR}/udp_dontroute ${TARGET} /dev/${TARGET_TAP} - cleanup_tap + cleanup_ifaces # Repeat, but this time target the other tap setup_tap ${FIB0} inet ${ADDR0} ${MASK} @@ -592,7 +579,7 @@ udp_dontroute_body() udp_dontroute_cleanup() { - cleanup_tap + cleanup_ifaces } atf_test_case udp_dontroute6 cleanup @@ -634,7 +621,7 @@ udp_dontroute6_body() # return ENETUNREACH, or send the packet to the wrong tap atf_check -o ignore setfib ${FIB0} \ ${SRCDIR}/udp_dontroute -6 ${TARGET} /dev/${TARGET_TAP} - cleanup_tap + cleanup_ifaces # Repeat, but this time target the other tap setup_tap ${FIB0} inet6 ${ADDR0} ${MASK} no_dad @@ -647,7 +634,7 @@ udp_dontroute6_body() udp_dontroute6_cleanup() { - cleanup_tap + cleanup_ifaces } @@ -688,22 +675,58 @@ get_fibs() done } +# Creates a new pair of connected epair(4) interface, registers them for +# cleanup, and returns their namen via the environment variables EPAIRA and +# EPAIRB +get_epair() +{ + local EPAIRD + + if EPAIRD=`ifconfig epair create`; then + # Record the TAP device so we can clean it up later + echo ${EPAIRD} >> "ifaces_to_cleanup" + EPAIRA=${EPAIRD} + EPAIRB=${EPAIRD%a}b + else + atf_skip "Could not create epair(4) interfaces" + fi +} + # Creates a new tap(4) interface, registers it for cleanup, and returns the # name via the environment variable TAP get_tap() { - local TAPN=0 - while ! ifconfig tap${TAPN} create > /dev/null 2>&1; do - if [ "$TAPN" -ge 8 ]; then - atf_skip "Could not create a tap(4) interface" - else - TAPN=$(($TAPN + 1)) - fi - done - local TAPD=tap${TAPN} - # Record the TAP device so we can clean it up later - echo ${TAPD} >> "tap_devices_to_cleanup" - TAP=${TAPD} + local TAPD + + if TAPD=`ifconfig tap create`; then + # Record the TAP device so we can clean it up later + echo ${TAPD} >> "ifaces_to_cleanup" + TAP=${TAPD} + else + atf_skip "Could not create a tap(4) interface" + fi +} + +# Configure an ethernet interface +# parameters: +# Interface name +# fib +# Protocol (inet or inet6) +# IP address +# Netmask in number of bits (eg 24 or 8) +# Extra flags +# Return: None +setup_iface() +{ + local IFACE=$1 + local FIB=$2 + local PROTO=$3 + local ADDR=$4 + local MASK=$5 + local FLAGS=$6 + echo setfib ${FIB} \ + ifconfig $IFACE ${PROTO} ${ADDR}/${MASK} fib $FIB $FLAGS + setfib ${FIB} ifconfig $IFACE ${PROTO} ${ADDR}/${MASK} fib $FIB $FLAGS } # Create a tap(4) interface, configure it, and register it for cleanup. @@ -716,23 +739,17 @@ get_tap() # Return: the tap interface name as the env variable TAP setup_tap() { - local FIB=$1 - local PROTO=$2 - local ADDR=$3 - local MASK=$4 - local FLAGS=$5 get_tap - echo setfib ${FIB} ifconfig $TAP ${PROTO} ${ADDR}/${MASK} fib $FIB $FLAGS - setfib ${FIB} ifconfig $TAP ${PROTO} ${ADDR}/${MASK} fib $FIB $FLAGS + setup_iface "$TAP" "$@" } -cleanup_tap() +cleanup_ifaces() { - if [ -f tap_devices_to_cleanup ]; then - for tap_device in $(cat tap_devices_to_cleanup); do - echo ifconfig "${tap_device}" destroy - ifconfig "${tap_device}" destroy 2>/dev/null || true + if [ -f ifaces_to_cleanup ]; then + for iface in $(cat ifaces_to_cleanup); do + echo ifconfig "${iface}" destroy + ifconfig "${iface}" destroy 2>/dev/null || true done - rm -f tap_devices_to_cleanup + rm -f ifaces_to_cleanup fi } |