aboutsummaryrefslogtreecommitdiff
path: root/tests/sys/netinet6
diff options
context:
space:
mode:
Diffstat (limited to 'tests/sys/netinet6')
-rw-r--r--tests/sys/netinet6/Makefile56
-rwxr-xr-xtests/sys/netinet6/addr6.sh45
-rwxr-xr-xtests/sys/netinet6/divert.sh3
-rwxr-xr-xtests/sys/netinet6/exthdr.sh2
-rwxr-xr-xtests/sys/netinet6/forward6.sh66
-rw-r--r--tests/sys/netinet6/frag6/Makefile1
-rw-r--r--tests/sys/netinet6/frag6/frag6.subr2
-rwxr-xr-xtests/sys/netinet6/mld.sh2
-rwxr-xr-xtests/sys/netinet6/ndp.sh92
-rw-r--r--tests/sys/netinet6/ra.py38
-rw-r--r--tests/sys/netinet6/redirect.sh8
-rwxr-xr-xtests/sys/netinet6/scapyi386.sh2
12 files changed, 275 insertions, 42 deletions
diff --git a/tests/sys/netinet6/Makefile b/tests/sys/netinet6/Makefile
index 82e84859ecbc..26f1a18a8d32 100644
--- a/tests/sys/netinet6/Makefile
+++ b/tests/sys/netinet6/Makefile
@@ -1,32 +1,52 @@
-
PACKAGE= tests
TESTSDIR= ${TESTSBASE}/sys/netinet6
FILESDIR= ${TESTSDIR}
ATF_TESTS_PYTEST= test_ip6_output.py
-ATF_TESTS_SH= \
- exthdr \
- mld \
- scapyi386 \
- redirect \
- divert \
- forward6 \
- output6 \
- lpm6 \
- fibs6 \
- ndp \
- proxy_ndp
-TEST_METADATA.output6+= required_programs="python"
+ATF_TESTS_SH= exthdr \
+ mld \
+ scapyi386 \
+ redirect \
+ divert \
+ forward6 \
+ output6 \
+ lpm6 \
+ fibs6 \
+ ndp \
+ proxy_ndp \
+ addr6
+
+TEST_METADATA.divert+= execenv="jail" \
+ execenv_jail_params="vnet allow.raw_sockets"
+TEST_METADATA.exthdr+= execenv="jail" \
+ execenv_jail_params="vnet allow.raw_sockets"
+TEST_METADATA.forward6+= execenv="jail" \
+ execenv_jail_params="vnet allow.raw_sockets"
+TEST_METADATA.ndp+= execenv="jail" \
+ execenv_jail_params="vnet allow.raw_sockets"
+TEST_METADATA.output6+= execenv="jail" \
+ execenv_jail_params="vnet allow.raw_sockets" \
+ required_programs="python"
+TEST_METADATA.proxy_ndp+= execenv="jail" \
+ execenv_jail_params="vnet allow.raw_sockets"
+TEST_METADATA.redirect+= execenv="jail" \
+ execenv_jail_params="vnet allow.raw_sockets"
+TEST_METADATA.scapyi386+= execenv="jail" \
+ execenv_jail_params="vnet allow.raw_sockets"
+TEST_METADATA.addr6+= execenv="jail" \
+ execenv_jail_params="vnet allow.raw_sockets"
-${PACKAGE}FILES+= exthdr.py
-${PACKAGE}FILES+= mld.py
-${PACKAGE}FILES+= scapyi386.py
-${PACKAGE}FILES+= redirect.py
+${PACKAGE}FILES+= exthdr.py \
+ mld.py \
+ scapyi386.py \
+ ra.py \
+ redirect.py
${PACKAGE}FILESMODE_exthdr.py= 0555
${PACKAGE}FILESMODE_mld.py= 0555
${PACKAGE}FILESMODE_scapyi386.py=0555
+${PACKAGE}FILESMODE_ra.py=0555
${PACKAGE}FILESMODE_redirect.py=0555
TESTS_SUBDIRS+= frag6
diff --git a/tests/sys/netinet6/addr6.sh b/tests/sys/netinet6/addr6.sh
new file mode 100755
index 000000000000..38e4bb152240
--- /dev/null
+++ b/tests/sys/netinet6/addr6.sh
@@ -0,0 +1,45 @@
+#!/usr/bin/env atf-sh
+#-
+# SPDX-License-Identifier: ISC
+#
+# Copyright (c) 2025 Lexi Winter.
+#
+# Permission to use, copy, modify, and distribute this software for any
+# purpose with or without fee is hereby granted, provided that the above
+# copyright notice and this permission notice appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+. $(atf_get_srcdir)/../common/vnet.subr
+
+atf_test_case "addr6_invalid_addr" "cleanup"
+addr6_invalid_addr_head()
+{
+ atf_set descr "adding an invalid IPv6 address returns an error"
+ atf_set require.user root
+}
+
+addr6_invalid_addr_body()
+{
+ vnet_init
+
+ ep=$(vnet_mkepair)
+ atf_check -s exit:0 ifconfig ${ep}a inet6 2001:db8::1/128
+ atf_check -s exit:1 -e ignore ifconfig ${ep}a inet6 2001:db8::1/127 alias
+}
+
+addr6_invalid_addr_cleanup()
+{
+ vnet_cleanup
+}
+
+atf_init_test_cases()
+{
+ atf_add_test_case "addr6_invalid_addr"
+}
diff --git a/tests/sys/netinet6/divert.sh b/tests/sys/netinet6/divert.sh
index 2cf57c5966b0..e2dc3e26d97e 100755
--- a/tests/sys/netinet6/divert.sh
+++ b/tests/sys/netinet6/divert.sh
@@ -41,11 +41,10 @@ ipdivert_ip6_output_remote_success_head() {
atf_set descr 'Test valid IPv6 redirect'
atf_set require.user root
- atf_set require.progs scapy
+ atf_set require.progs python3 scapy
}
ipdivert_ip6_output_remote_success_body() {
-
ids=65530
id=`printf "%x" ${ids}`
if [ $$ -gt 65535 ]; then
diff --git a/tests/sys/netinet6/exthdr.sh b/tests/sys/netinet6/exthdr.sh
index 350307f13eae..3d866d85ea83 100755
--- a/tests/sys/netinet6/exthdr.sh
+++ b/tests/sys/netinet6/exthdr.sh
@@ -32,7 +32,7 @@ exthdr_head() {
atf_set descr 'Test IPv6 extension header code paths'
atf_set require.user root
- atf_set require.progs scapy
+ atf_set require.progs python3 scapy
}
exthdr_body() {
diff --git a/tests/sys/netinet6/forward6.sh b/tests/sys/netinet6/forward6.sh
index b3ccd30aea62..e4b027bf281a 100755
--- a/tests/sys/netinet6/forward6.sh
+++ b/tests/sys/netinet6/forward6.sh
@@ -34,7 +34,7 @@ fwd_ip6_gu_icmp_iface_fast_success_head() {
atf_set descr 'Test valid IPv6 global unicast fast-forwarding to interface'
atf_set require.user root
- atf_set require.progs scapy
+ atf_set require.progs python3 scapy
}
fwd_ip6_gu_icmp_iface_fast_success_body() {
@@ -104,7 +104,7 @@ fwd_ip6_gu_icmp_gw_gu_fast_success_head() {
atf_set descr 'Test valid IPv6 global unicast fast-forwarding to GU gw'
atf_set require.user root
- atf_set require.progs scapy
+ atf_set require.progs python3 scapy
}
fwd_ip6_gu_icmp_gw_gu_fast_success_body() {
@@ -178,7 +178,7 @@ fwd_ip6_gu_icmp_gw_ll_fast_success_head() {
atf_set descr 'Test valid IPv6 global unicast fast-forwarding to LL gw'
atf_set require.user root
- atf_set require.progs scapy
+ atf_set require.progs python3 scapy
}
fwd_ip6_gu_icmp_gw_ll_fast_success_body() {
@@ -253,7 +253,7 @@ fwd_ip6_gu_icmp_iface_slow_success_head() {
atf_set descr 'Test valid IPv6 global unicast fast-forwarding to interface'
atf_set require.user root
- atf_set require.progs scapy
+ atf_set require.progs python3 scapy
}
fwd_ip6_gu_icmp_iface_slow_success_body() {
@@ -322,7 +322,7 @@ fwd_ip6_gu_icmp_gw_gu_slow_success_head() {
atf_set descr 'Test valid IPv6 global unicast fast-forwarding to GU gw'
atf_set require.user root
- atf_set require.progs scapy
+ atf_set require.progs python3 scapy
}
fwd_ip6_gu_icmp_gw_gu_slow_success_body() {
@@ -397,7 +397,7 @@ fwd_ip6_gu_icmp_gw_ll_slow_success_head() {
atf_set descr 'Test valid IPv6 global unicast fast-forwarding to LL gw'
atf_set require.user root
- atf_set require.progs scapy
+ atf_set require.progs python3 scapy
}
fwd_ip6_gu_icmp_gw_ll_slow_success_body() {
@@ -466,6 +466,59 @@ fwd_ip6_gu_icmp_gw_ll_slow_success_cleanup() {
vnet_cleanup
}
+atf_test_case "fwd_ip6_blackhole" "cleanup"
+fwd_ip6_blackhole_head() {
+
+ atf_set descr 'Test blackhole routing'
+ atf_set require.user root
+}
+
+fwd_ip6_blackhole_body() {
+ jname="v6t-fwd_ip6_blackhole"
+
+ vnet_init
+
+ epair=$(vnet_mkepair)
+ epair_out=$(vnet_mkepair)
+
+ ifconfig ${epair}a inet6 2001:db8::2/64 up no_dad
+
+ vnet_mkjail ${jname} ${epair}b ${epair_out}b
+ jexec ${jname} ifconfig lo0 inet6 ::1/128 up no_dad
+ jexec ${jname} ifconfig ${epair}b inet6 2001:db8::1/64 up no_dad
+ jexec ${jname} ifconfig ${epair_out}b inet6 2001:db8:1::1/64 up no_dad
+ jexec ${jname} sysctl net.inet6.ip6.forwarding=1
+
+ route -6 add default 2001:db8::1
+
+ atf_check -s exit:2 -o ignore \
+ ping6 -c 1 -t 1 2001:db8:1::2
+ atf_check -s exit:0 -o match:"0 packets not forwardable" \
+ jexec ${jname} netstat -s -p ip6
+
+ # Create blackhole route
+ jexec ${jname} route -6 add 2001:db8:1::2 -blackhole
+
+ # Force slow path
+ jexec ${jname} sysctl net.inet6.ip6.redirect=1
+ atf_check -s exit:2 -o ignore \
+ ping6 -c 1 -t 1 2001:db8:1::2
+ atf_check -s exit:0 -o match:"1 packet not forwardable" \
+ jexec ${jname} netstat -s -p ip6
+
+ # Now try the fast path
+ jexec ${jname} sysctl net.inet6.ip6.redirect=0
+ atf_check -s exit:2 -o ignore \
+ ping6 -c 1 -t 1 2001:db8:1::2
+ atf_check -s exit:0 -o match:"2 packets not forwardable" \
+ jexec ${jname} netstat -s -p ip6
+}
+
+fwd_ip6_blackhole_cleanup() {
+
+ vnet_cleanup
+}
+
atf_init_test_cases()
{
@@ -475,6 +528,7 @@ atf_init_test_cases()
atf_add_test_case "fwd_ip6_gu_icmp_iface_slow_success"
atf_add_test_case "fwd_ip6_gu_icmp_gw_gu_slow_success"
atf_add_test_case "fwd_ip6_gu_icmp_gw_ll_slow_success"
+ atf_add_test_case "fwd_ip6_blackhole"
}
# end
diff --git a/tests/sys/netinet6/frag6/Makefile b/tests/sys/netinet6/frag6/Makefile
index d1661060368b..3fca0522e533 100644
--- a/tests/sys/netinet6/frag6/Makefile
+++ b/tests/sys/netinet6/frag6/Makefile
@@ -1,4 +1,3 @@
-
PACKAGE= tests
TESTSDIR= ${TESTSBASE}/sys/netinet6/frag6
diff --git a/tests/sys/netinet6/frag6/frag6.subr b/tests/sys/netinet6/frag6/frag6.subr
index 70e7386b60cc..238c9619c398 100644
--- a/tests/sys/netinet6/frag6/frag6.subr
+++ b/tests/sys/netinet6/frag6/frag6.subr
@@ -31,7 +31,7 @@ frag6_head()
{
atf_set descr 'Test IPv6 fragmentation code'
atf_set require.user root
- atf_set require.progs scapy
+ atf_set require.progs python3 scapy
}
frag6_body()
diff --git a/tests/sys/netinet6/mld.sh b/tests/sys/netinet6/mld.sh
index 7229aa34dc52..d98624daedf5 100755
--- a/tests/sys/netinet6/mld.sh
+++ b/tests/sys/netinet6/mld.sh
@@ -32,7 +32,7 @@ mldraw01_head() {
atf_set descr 'Test for correct Ethernet Destination MAC address'
atf_set require.user root
- atf_set require.progs scapy
+ atf_set require.progs python3 scapy
}
mldraw01_body() {
diff --git a/tests/sys/netinet6/ndp.sh b/tests/sys/netinet6/ndp.sh
index eddd49112421..bac9764ee3c9 100755
--- a/tests/sys/netinet6/ndp.sh
+++ b/tests/sys/netinet6/ndp.sh
@@ -25,7 +25,6 @@
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
#
-#
. $(atf_get_srcdir)/../common/vnet.subr
@@ -36,6 +35,7 @@ ndp_add_gu_success_head() {
}
ndp_add_gu_success_body() {
+ local epair0 jname
vnet_init
@@ -74,6 +74,7 @@ ndp_del_gu_success_head() {
}
ndp_del_gu_success_body() {
+ local epair0 jname
vnet_init
@@ -102,13 +103,94 @@ ndp_del_gu_success_cleanup() {
vnet_cleanup
}
+ndp_if_up()
+{
+ local ifname=$1
+ local jname=$2
-atf_init_test_cases()
+ if [ -n "$jname" ]; then
+ jname="jexec ${jname}"
+ fi
+ atf_check ${jname} ifconfig ${ifname} up
+ atf_check ${jname} ifconfig ${ifname} inet6 -ifdisabled
+ while ${jname} ifconfig ${ifname} inet6 | grep tentative; do
+ sleep 0.1
+ done
+}
+
+ndp_if_lladdr()
{
+ local ifname=$1
+ local jname=$2
- atf_add_test_case "ndp_add_gu_success"
- atf_add_test_case "ndp_del_gu_success"
+ if [ -n "$jname" ]; then
+ jname="jexec ${jname}"
+ fi
+ ${jname} ifconfig ${ifname} inet6 | \
+ awk '/inet6 fe80:/{split($2, addr, "%"); print addr[1]}'
}
-# end
+atf_test_case "ndp_slaac_default_route" "cleanup"
+ndp_slaac_default_route_head() {
+ atf_set descr 'Test default route installation via SLAAC'
+ atf_set require.user root
+ atf_set require.progs python3 scapy
+}
+
+ndp_slaac_default_route_body() {
+ local epair0 jname lladdr
+
+ vnet_init
+
+ jname="v6t-ndp_slaac_default_route"
+
+ epair0=$(vnet_mkepair)
+ vnet_mkjail ${jname} ${epair0}a
+
+ ndp_if_up ${epair0}a ${jname}
+ ndp_if_up ${epair0}b
+ atf_check jexec ${jname} ifconfig ${epair0}a inet6 accept_rtadv
+
+ # Send an RA advertising a prefix.
+ atf_check -e ignore python3 $(atf_get_srcdir)/ra.py \
+ --sendif ${epair0}b \
+ --dst $(ndp_if_lladdr ${epair0}a ${jname}) \
+ --src $(ndp_if_lladdr ${epair0}b) \
+ --prefix "2001:db8:ffff:1000::" --prefixlen 64
+
+ # Wait for a default router to appear.
+ while [ -z "$(jexec ${jname} ndp -r)" ]; do
+ sleep 0.1
+ done
+ atf_check -o match:"^default[[:space:]]+fe80:" \
+ jexec ${jname} netstat -rn -6
+
+ # Get rid of the default route.
+ jexec ${jname} route -6 flush
+ atf_check -o not-match:"^default[[:space:]]+fe80:" \
+ jexec ${jname} netstat -rn -6
+
+ # Send another RA, make sure that the default route is installed again.
+ atf_check -e ignore python3 $(atf_get_srcdir)/ra.py \
+ --sendif ${epair0}b \
+ --dst $(ndp_if_lladdr ${epair0}a ${jname}) \
+ --src $(ndp_if_lladdr ${epair0}b) \
+ --prefix "2001:db8:ffff:1000::" --prefixlen 64
+ while [ -z "$(jexec ${jname} ndp -r)" ]; do
+ sleep 0.1
+ done
+ atf_check -o match:"^default[[:space:]]+fe80:" \
+ jexec ${jname} netstat -rn -6
+}
+
+ndp_slaac_default_route_cleanup() {
+ vnet_cleanup
+}
+
+atf_init_test_cases()
+{
+ atf_add_test_case "ndp_add_gu_success"
+ atf_add_test_case "ndp_del_gu_success"
+ atf_add_test_case "ndp_slaac_default_route"
+}
diff --git a/tests/sys/netinet6/ra.py b/tests/sys/netinet6/ra.py
new file mode 100644
index 000000000000..44814418da48
--- /dev/null
+++ b/tests/sys/netinet6/ra.py
@@ -0,0 +1,38 @@
+#-
+# SPDX-License-Identifier: BSD-2-Clause
+#
+# Copyright (c) 2024 Klara, Inc.
+#
+
+import argparse
+import scapy.all as sp
+import sys
+
+#
+# Emit a router advertisement with the specified prefix.
+#
+def main():
+ parser = argparse.ArgumentParser("ra.py",
+ description="Emits Router Advertisement packets")
+ parser.add_argument('--sendif', nargs=1, required=True,
+ help='The interface through which the packet will be sent')
+ parser.add_argument('--src', nargs=1, required=True,
+ help='The source IP address')
+ parser.add_argument('--dst', nargs=1, required=True,
+ help='The destination IP address')
+ parser.add_argument('--prefix', nargs=1, required=True,
+ help='The prefix to be advertised')
+ parser.add_argument('--prefixlen', nargs=1, required=True, type=int,
+ help='The prefix length to be advertised')
+
+ args = parser.parse_args()
+ pkt = sp.Ether() / \
+ sp.IPv6(src=args.src, dst=args.dst) / \
+ sp.ICMPv6ND_RA(chlim=64) / \
+ sp.ICMPv6NDOptPrefixInfo(prefix=args.prefix, prefixlen=args.prefixlen)
+
+ sp.sendp(pkt, iface=args.sendif[0], verbose=False)
+ sys.exit(0)
+
+if __name__ == '__main__':
+ main()
diff --git a/tests/sys/netinet6/redirect.sh b/tests/sys/netinet6/redirect.sh
index 64efe7339ffd..40874f8c9b6d 100644
--- a/tests/sys/netinet6/redirect.sh
+++ b/tests/sys/netinet6/redirect.sh
@@ -34,15 +34,11 @@ valid_redirect_head() {
atf_set descr 'Test valid IPv6 redirect'
atf_set require.user root
- atf_set require.progs scapy
+ atf_set require.progs python3 scapy
}
valid_redirect_body() {
- if [ "$(atf_config_get ci false)" = "true" ]; then
- atf_skip "https://bugs.freebsd.org/247729"
- fi
-
ids=65533
id=`printf "%x" ${ids}`
if [ $$ -gt 65535 ]; then
@@ -89,7 +85,7 @@ valid_redirect_body() {
while [ `ifconfig ${epair}a inet6 | grep -c tentative` != "0" ]; do
sleep 0.1
done
- while [ `jexec ${jname}b ifconfig ${epair}b inet6 | grep -c tentative` != "0" ]; do
+ while [ `jexec ${jname} ifconfig ${epair}b inet6 | grep -c tentative` != "0" ]; do
sleep 0.1
done
diff --git a/tests/sys/netinet6/scapyi386.sh b/tests/sys/netinet6/scapyi386.sh
index bb9ee4cfcd2a..2d91f25dd01e 100755
--- a/tests/sys/netinet6/scapyi386.sh
+++ b/tests/sys/netinet6/scapyi386.sh
@@ -32,7 +32,7 @@ scapyi386_head() {
atf_set descr 'Test for correct Ethernet Destination MAC address'
atf_set require.user root
- atf_set require.progs scapy
+ atf_set require.progs python3 scapy
}
scapyi386_body() {
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-14 16:10:21 +0000