#	$NetBSD: t_arp.sh,v 1.22 2016/11/25 08:51:16 ozaki-r Exp $
#
# Copyright (c) 2015 The NetBSD Foundation, Inc.
# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
# 1. Redistributions of source code must retain the above copyright
#    notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
#    notice, this list of conditions and the following disclaimer in the
#    documentation and/or other materials provided with the distribution.
#
# THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
# ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
# TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
# PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
# POSSIBILITY OF SUCH DAMAGE.
#

SOCKSRC=unix://commsock1
SOCKDST=unix://commsock2
IP4SRC=10.0.1.1
IP4DST=10.0.1.2
IP4DST_PROXYARP1=10.0.1.3
IP4DST_PROXYARP2=10.0.1.4

DEBUG=${DEBUG:-false}
TIMEOUT=1

atf_test_case arp_cache_expiration_5s cleanup
atf_test_case arp_cache_expiration_10s cleanup
atf_test_case arp_command cleanup
atf_test_case arp_garp cleanup
atf_test_case arp_cache_overwriting cleanup
atf_test_case arp_proxy_arp_pub cleanup
atf_test_case arp_proxy_arp_pubproxy cleanup
atf_test_case arp_link_activation cleanup
atf_test_case arp_static cleanup

arp_cache_expiration_5s_head()
{
	atf_set "descr" "Tests for ARP cache expiration (5s)"
	atf_set "require.progs" "rump_server"
}

arp_cache_expiration_10s_head()
{
	atf_set "descr" "Tests for ARP cache expiration (10s)"
	atf_set "require.progs" "rump_server"
}

arp_command_head()
{
	atf_set "descr" "Tests for arp_commands of arp(8)"
	atf_set "require.progs" "rump_server"
}

arp_garp_head()
{
	atf_set "descr" "Tests for GARP"
	atf_set "require.progs" "rump_server"
}

arp_cache_overwriting_head()
{
	atf_set "descr" "Tests for behavior of overwriting ARP caches"
	atf_set "require.progs" "rump_server"
}

arp_proxy_arp_pub_head()
{
	atf_set "descr" "Tests for Proxy ARP (pub)"
	atf_set "require.progs" "rump_server"
}

arp_proxy_arp_pubproxy_head()
{
	atf_set "descr" "Tests for Proxy ARP (pub proxy)"
	atf_set "require.progs" "rump_server"
}

arp_link_activation_head()
{
	atf_set "descr" "Tests for activating a new MAC address"
	atf_set "require.progs" "rump_server"
}

arp_static_head()
{

	atf_set "descr" "Tests for static ARP entries"
	atf_set "require.progs" "rump_server"
}

setup_dst_server()
{

	rump_server_add_iface $SOCKDST shmif0 bus1
	export RUMP_SERVER=$SOCKDST
	atf_check -s exit:0 rump.ifconfig shmif0 inet $IP4DST/24
	atf_check -s exit:0 rump.ifconfig shmif0 up
	atf_check -s exit:0 rump.ifconfig -w 10

	$DEBUG && rump.ifconfig shmif0
	$DEBUG && rump.arp -n -a
}

setup_src_server()
{
	local keep=$1

	export RUMP_SERVER=$SOCKSRC

	# Adjust ARP parameters
	atf_check -s exit:0 -o ignore rump.sysctl -w net.inet.arp.keep=$keep

	# Setup an interface
	rump_server_add_iface $SOCKSRC shmif0 bus1
	atf_check -s exit:0 rump.ifconfig shmif0 inet $IP4SRC/24
	atf_check -s exit:0 rump.ifconfig shmif0 up
	atf_check -s exit:0 rump.ifconfig -w 10

	# Sanity check
	$DEBUG && rump.ifconfig shmif0
	$DEBUG && rump.arp -n -a
	atf_check -s exit:0 -o ignore rump.arp -n $IP4SRC
	atf_check -s not-exit:0 -e ignore rump.arp -n $IP4DST
}

test_cache_expiration()
{
	local arp_keep=$1
	local bonus=2

	rump_server_start $SOCKSRC
	rump_server_start $SOCKDST

	setup_dst_server
	setup_src_server $arp_keep

	#
	# Check if a cache is expired expectedly
	#
	export RUMP_SERVER=$SOCKSRC
	atf_check -s exit:0 -o ignore rump.ping -n -w $TIMEOUT -c 1 $IP4DST

	$DEBUG && rump.arp -n -a
	atf_check -s exit:0 -o ignore rump.arp -n $IP4SRC
	# Should be cached
	atf_check -s exit:0 -o ignore rump.arp -n $IP4DST

	atf_check -s exit:0 sleep $(($arp_keep + $bonus))

	$DEBUG && rump.arp -n -a
	atf_check -s exit:0 -o ignore rump.arp -n $IP4SRC
	# Should be expired
	atf_check -s not-exit:0 -e ignore rump.arp -n $IP4DST
}

arp_cache_expiration_5s_body()
{

	test_cache_expiration 5
	rump_server_destroy_ifaces
}

arp_cache_expiration_10s_body()
{

	test_cache_expiration 10
	rump_server_destroy_ifaces
}

arp_command_body()
{
	local arp_keep=5
	local bonus=2

	rump_server_start $SOCKSRC
	rump_server_start $SOCKDST

	setup_dst_server
	setup_src_server $arp_keep

	export RUMP_SERVER=$SOCKSRC

	# We can delete the entry for the interface's IP address
	atf_check -s exit:0 -o ignore rump.arp -d $IP4SRC

	# Add and delete a static entry
	$DEBUG && rump.arp -n -a
	atf_check -s exit:0 -o ignore rump.arp -s 10.0.1.10 b2:a0:20:00:00:10
	$DEBUG && rump.arp -n -a
	atf_check -s exit:0 -o match:'b2:a0:20:00:00:10' rump.arp -n 10.0.1.10
	atf_check -s exit:0 -o match:'permanent' rump.arp -n 10.0.1.10
	atf_check -s exit:0 -o ignore rump.arp -d 10.0.1.10
	$DEBUG && rump.arp -n -a
	atf_check -s not-exit:0 -e ignore rump.arp -n 10.0.1.10

	# Add multiple entries via a file
	cat - > ./list <<-EOF
	10.0.1.11 b2:a0:20:00:00:11
	10.0.1.12 b2:a0:20:00:00:12
	10.0.1.13 b2:a0:20:00:00:13
	10.0.1.14 b2:a0:20:00:00:14
	10.0.1.15 b2:a0:20:00:00:15
	EOF
	$DEBUG && rump.arp -n -a
	atf_check -s exit:0 -o ignore rump.arp -f ./list
	$DEBUG && rump.arp -n -a
	atf_check -s exit:0 -o match:'b2:a0:20:00:00:11' rump.arp -n 10.0.1.11
	atf_check -s exit:0 -o match:'permanent' rump.arp -n 10.0.1.11
	atf_check -s exit:0 -o match:'b2:a0:20:00:00:12' rump.arp -n 10.0.1.12
	atf_check -s exit:0 -o match:'permanent' rump.arp -n 10.0.1.12
	atf_check -s exit:0 -o match:'b2:a0:20:00:00:13' rump.arp -n 10.0.1.13
	atf_check -s exit:0 -o match:'permanent' rump.arp -n 10.0.1.13
	atf_check -s exit:0 -o match:'b2:a0:20:00:00:14' rump.arp -n 10.0.1.14
	atf_check -s exit:0 -o match:'permanent' rump.arp -n 10.0.1.14
	atf_check -s exit:0 -o match:'b2:a0:20:00:00:15' rump.arp -n 10.0.1.15
	atf_check -s exit:0 -o match:'permanent' rump.arp -n 10.0.1.15

	# Test arp -a
	atf_check -s exit:0 -o match:'10.0.1.11' rump.arp -n -a
	atf_check -s exit:0 -o match:'10.0.1.12' rump.arp -n -a
	atf_check -s exit:0 -o match:'10.0.1.13' rump.arp -n -a
	atf_check -s exit:0 -o match:'10.0.1.14' rump.arp -n -a
	atf_check -s exit:0 -o match:'10.0.1.15' rump.arp -n -a

	# Flush all entries
	$DEBUG && rump.arp -n -a
	atf_check -s exit:0 -o ignore rump.arp -d -a
	atf_check -s not-exit:0 -e ignore rump.arp -n 10.0.1.11
	atf_check -s not-exit:0 -e ignore rump.arp -n 10.0.1.12
	atf_check -s not-exit:0 -e ignore rump.arp -n 10.0.1.13
	atf_check -s not-exit:0 -e ignore rump.arp -n 10.0.1.14
	atf_check -s not-exit:0 -e ignore rump.arp -n 10.0.1.15
	atf_check -s not-exit:0 -e ignore rump.arp -n 10.0.1.1

	# Test temp option
	$DEBUG && rump.arp -n -a
	atf_check -s exit:0 -o ignore rump.arp -s 10.0.1.10 b2:a0:20:00:00:10 temp
	$DEBUG && rump.arp -n -a
	atf_check -s exit:0 -o match:'b2:a0:20:00:00:10' rump.arp -n 10.0.1.10
	atf_check -s exit:0 -o not-match:'permanent' rump.arp -n 10.0.1.10

	# Hm? the cache doesn't expire...
	atf_check -s exit:0 sleep $(($arp_keep + $bonus))
	$DEBUG && rump.arp -n -a
	#atf_check -s not-exit:0 -e ignore rump.arp -n 10.0.1.10

	rump_server_destroy_ifaces
}

make_pkt_str_arpreq()
{
	local target=$1
	local sender=$2
	pkt="> ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42:"
	pkt="$pkt Request who-has $target tell $sender, length 28"
	echo $pkt
}

arp_garp_body()
{
	local pkt=

	rump_server_start $SOCKSRC

	export RUMP_SERVER=$SOCKSRC

	# Setup an interface
	rump_server_add_iface $SOCKSRC shmif0 bus1
	atf_check -s exit:0 rump.ifconfig shmif0 inet 10.0.0.1/24
	atf_check -s exit:0 rump.ifconfig shmif0 inet 10.0.0.2/24 alias
	atf_check -s exit:0 rump.ifconfig shmif0 up
	$DEBUG && rump.ifconfig shmif0

	atf_check -s exit:0 sleep 1
	shmif_dumpbus -p - bus1 2>/dev/null| tcpdump -n -e -r - > ./out

	# A GARP packet is sent for the primary address
	pkt=$(make_pkt_str_arpreq 10.0.0.1 10.0.0.1)
	atf_check -s exit:0 -x "cat ./out |grep -q '$pkt'"
	# No GARP packet is sent for the alias address
	pkt=$(make_pkt_str_arpreq 10.0.0.2 10.0.0.2)
	atf_check -s not-exit:0 -x "cat ./out |grep -q '$pkt'"

	atf_check -s exit:0 rump.ifconfig -w 10
	atf_check -s exit:0 rump.ifconfig shmif0 inet 10.0.0.3/24
	atf_check -s exit:0 rump.ifconfig shmif0 inet 10.0.0.4/24 alias

	# No GARP packets are sent during IFF_UP
	shmif_dumpbus -p - bus1 2>/dev/null| tcpdump -n -e -r - > ./out
	pkt=$(make_pkt_str_arpreq 10.0.0.3 10.0.0.3)
	atf_check -s not-exit:0 -x "cat ./out |grep -q '$pkt'"
	pkt=$(make_pkt_str_arpreq 10.0.0.4 10.0.0.4)
	atf_check -s not-exit:0 -x "cat ./out |grep -q '$pkt'"

	rump_server_destroy_ifaces
}

arp_cache_overwriting_body()
{
	local arp_keep=5
	local bonus=2

	rump_server_start $SOCKSRC
	rump_server_start $SOCKDST

	setup_dst_server
	setup_src_server $arp_keep

	export RUMP_SERVER=$SOCKSRC

	# Cannot overwrite a permanent cache
	atf_check -s not-exit:0 -e match:'File exists' \
	    rump.arp -s $IP4SRC b2:a0:20:00:00:ff
	$DEBUG && rump.arp -n -a

	atf_check -s exit:0 -o ignore rump.ping -n -w $TIMEOUT -c 1 $IP4DST
	$DEBUG && rump.arp -n -a
	# Can overwrite a dynamic cache
	atf_check -s exit:0 -o ignore rump.arp -s $IP4DST b2:a0:20:00:00:00
	$DEBUG && rump.arp -n -a
	atf_check -s exit:0 -o match:'b2:a0:20:00:00:00' rump.arp -n $IP4DST
	atf_check -s exit:0 -o match:'permanent' rump.arp -n $IP4DST

	atf_check -s exit:0 -o ignore rump.arp -s 10.0.1.10 b2:a0:20:00:00:10 temp
	$DEBUG && rump.arp -n -a
	atf_check -s exit:0 -o match:'b2:a0:20:00:00:10' rump.arp -n 10.0.1.10
	atf_check -s exit:0 -o not-match:'permanent' rump.arp -n 10.0.1.10
	# Can overwrite a temp cache
	atf_check -s exit:0 -o ignore rump.arp -s 10.0.1.10 b2:a0:20:00:00:ff
	atf_check -s exit:0 -o match:'b2:a0:20:00:00:ff' rump.arp -n 10.0.1.10
	$DEBUG && rump.arp -n -a

	rump_server_destroy_ifaces
}

make_pkt_str_arprep()
{
	local ip=$1
	local mac=$2
	pkt="ethertype ARP (0x0806), length 42: "
	pkt="Reply $ip is-at $mac, length 28"
	echo $pkt
}

make_pkt_str_garp()
{
	local ip=$1
	local mac=$2
	local pkt=
	pkt="$mac > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806),"
	pkt="$pkt length 42: Request who-has $ip tell $ip, length 28"
	echo $pkt
}

test_proxy_arp()
{
	local arp_keep=5
	local opts= title= flags=
	local type=$1

	rump_server_start $SOCKSRC
	rump_server_start $SOCKDST tap

	setup_dst_server
	setup_src_server $arp_keep

	export RUMP_SERVER=$SOCKDST
	atf_check -s exit:0 -o ignore rump.sysctl -w net.inet.ip.forwarding=1
	macaddr_dst=$(get_macaddr $SOCKDST shmif0)

	if [ "$type" = "pub" ]; then
		opts="pub"
		title="permanent published"
	else
		opts="pub proxy"
		title='permanent published \(proxy only\)'
	fi

	#
	# Test#1: First setup an endpoint then create proxy arp entry
	#
	export RUMP_SERVER=$SOCKDST
	atf_check -s exit:0 rump.ifconfig tap1 create
	atf_check -s exit:0 rump.ifconfig tap1 $IP4DST_PROXYARP1/24 up
	atf_check -s exit:0 rump.ifconfig -w 10

	# Try to ping (should fail w/o proxy arp)
	export RUMP_SERVER=$SOCKSRC
	atf_check -s not-exit:0 -o ignore -e ignore \
	    rump.ping -n -w 1 -c 1 $IP4DST_PROXYARP1

	# Flushing
	extract_new_packets bus1 > ./out

	# Set up proxy ARP entry
	export RUMP_SERVER=$SOCKDST
	atf_check -s exit:0 -o ignore \
	    rump.arp -s $IP4DST_PROXYARP1 $macaddr_dst $opts
	atf_check -s exit:0 -o match:"$title" rump.arp -n $IP4DST_PROXYARP1

	# Try to ping
	export RUMP_SERVER=$SOCKSRC
	if [ "$type" = "pub" ]; then
		# XXX fails
		atf_check -s not-exit:0 -o ignore -e ignore \
		    rump.ping -n -w 1 -c 1 $IP4DST_PROXYARP1
	else
		atf_check -s exit:0 -o ignore \
		    rump.ping -n -w 1 -c 1 $IP4DST_PROXYARP1
	fi

	extract_new_packets bus1 > ./out
	$DEBUG && cat ./out

	pkt1=$(make_pkt_str_arprep $IP4DST_PROXYARP1 $macaddr_dst)
	pkt2=$(make_pkt_str_garp $IP4DST_PROXYARP1 $macaddr_dst)
	if [ "$type" = "pub" ]; then
		atf_check -s not-exit:0 -x \
		    "cat ./out |grep -q -e '$pkt1' -e '$pkt2'"
	else
		atf_check -s exit:0 -x "cat ./out |grep -q -e '$pkt1' -e '$pkt2'"
	fi

	#
	# Test#2: Create proxy arp entry then set up an endpoint
	#
	export RUMP_SERVER=$SOCKDST
	atf_check -s exit:0 -o ignore \
	    rump.arp -s $IP4DST_PROXYARP2 $macaddr_dst $opts
	atf_check -s exit:0 -o match:"$title" rump.arp -n $IP4DST_PROXYARP2
	$DEBUG && rump.netstat -nr -f inet

	# Try to ping (should fail because no endpoint exists)
	export RUMP_SERVER=$SOCKSRC
	atf_check -s not-exit:0 -o ignore -e ignore \
	    rump.ping -n -w 1 -c 1 $IP4DST_PROXYARP2

	extract_new_packets bus1 > ./out
	$DEBUG && cat ./out

	# ARP reply should be sent
	pkt=$(make_pkt_str_arprep $IP4DST_PROXYARP2 $macaddr_dst)
	atf_check -s exit:0 -x "cat ./out |grep -q '$pkt'"

	export RUMP_SERVER=$SOCKDST
	atf_check -s exit:0 rump.ifconfig tap2 create
	atf_check -s exit:0 rump.ifconfig tap2 $IP4DST_PROXYARP2/24 up
	atf_check -s exit:0 rump.ifconfig -w 10

	# Try to ping
	export RUMP_SERVER=$SOCKSRC
	atf_check -s exit:0 -o ignore rump.ping -n -w 1 -c 1 $IP4DST_PROXYARP2
}

arp_proxy_arp_pub_body()
{

	test_proxy_arp pub
	rump_server_destroy_ifaces
}

arp_proxy_arp_pubproxy_body()
{

	test_proxy_arp pubproxy
	rump_server_destroy_ifaces
}

arp_link_activation_body()
{
	local arp_keep=5
	local bonus=2

	rump_server_start $SOCKSRC
	rump_server_start $SOCKDST

	setup_dst_server
	setup_src_server $arp_keep

	# flush old packets
	extract_new_packets bus1 > ./out

	export RUMP_SERVER=$SOCKSRC

	atf_check -s exit:0 -o ignore rump.ifconfig shmif0 link \
	    b2:a1:00:00:00:01

	atf_check -s exit:0 sleep 1
	extract_new_packets bus1 > ./out
	$DEBUG && cat ./out

	pkt=$(make_pkt_str_arpreq $IP4SRC $IP4SRC)
	atf_check -s not-exit:0 -x "cat ./out |grep -q '$pkt'"

	atf_check -s exit:0 -o ignore rump.ifconfig shmif0 link \
	    b2:a1:00:00:00:02 active

	atf_check -s exit:0 sleep 1
	extract_new_packets bus1 > ./out
	$DEBUG && cat ./out

	pkt=$(make_pkt_str_arpreq $IP4SRC $IP4SRC)
	atf_check -s exit:0 -x \
	    "cat ./out |grep '$pkt' |grep -q 'b2:a1:00:00:00:02'"

	rump_server_destroy_ifaces
}

arp_static_body()
{
	local arp_keep=5
	local macaddr_src=

	rump_server_start $SOCKSRC
	rump_server_start $SOCKDST

	setup_dst_server
	setup_src_server $arp_keep

	macaddr_src=$(get_macaddr $SOCKSRC shmif0)

	# Set a (valid) static ARP entry for the src server
	export RUMP_SERVER=$SOCKDST
	$DEBUG && rump.arp -n -a
	atf_check -s exit:0 -o ignore rump.arp -s $IP4SRC $macaddr_src
	$DEBUG && rump.arp -n -a

	# Test receiving an ARP request with the static ARP entry (as spa/sha)
	export RUMP_SERVER=$SOCKSRC
	atf_check -s exit:0 -o ignore rump.ping -n -w 1 -c 1 $IP4DST

	rump_server_destroy_ifaces
}

arp_cache_expiration_5s_cleanup()
{
	$DEBUG && dump
	cleanup
}

arp_cache_expiration_10s_cleanup()
{
	$DEBUG && dump
	cleanup
}

arp_command_cleanup()
{
	$DEBUG && dump
	cleanup
}

arp_garp_cleanup()
{
	$DEBUG && dump
	cleanup
}

arp_cache_overwriting_cleanup()
{
	$DEBUG && dump
	cleanup
}

arp_proxy_arp_pub_cleanup()
{
	$DEBUG && dump
	cleanup
}

arp_proxy_arp_pubproxy_cleanup()
{
	$DEBUG && dump
	cleanup
}

arp_link_activation_cleanup()
{
	$DEBUG && dump
	cleanup
}

arp_static_cleanup()
{
	$DEBUG && dump
	cleanup
}

atf_init_test_cases()
{
	atf_add_test_case arp_cache_expiration_5s
	atf_add_test_case arp_cache_expiration_10s
	atf_add_test_case arp_command
	atf_add_test_case arp_garp
	atf_add_test_case arp_cache_overwriting
	atf_add_test_case arp_proxy_arp_pub
	atf_add_test_case arp_proxy_arp_pubproxy
	atf_add_test_case arp_link_activation
	atf_add_test_case arp_static
}