1#!/usr/bin/env atf-sh 2#- 3# SPDX-License-Identifier: BSD-2-Clause 4# 5# Copyright (c) 2020 Alexander V. Chernikov 6# 7# Redistribution and use in source and binary forms, with or without 8# modification, are permitted provided that the following conditions 9# are met: 10# 1. Redistributions of source code must retain the above copyright 11# notice, this list of conditions and the following disclaimer. 12# 2. Redistributions in binary form must reproduce the above copyright 13# notice, this list of conditions and the following disclaimer in the 14# documentation and/or other materials provided with the distribution. 15# 16# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 17# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 18# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 19# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 20# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 21# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 22# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 24# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 25# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 26# SUCH DAMAGE. 27# 28# $FreeBSD$ 29# 30 31. $(atf_get_srcdir)/../common/vnet.subr 32 33atf_test_case "fwd_ip6_gu_icmp_iface_fast_success" "cleanup" 34fwd_ip6_gu_icmp_iface_fast_success_head() { 35 36 atf_set descr 'Test valid IPv6 global unicast fast-forwarding to interface' 37 atf_set require.user root 38 atf_set require.progs scapy 39} 40 41fwd_ip6_gu_icmp_iface_fast_success_body() { 42 43 ids=65529 44 id=`printf "%x" ${ids}` 45 if [ $$ -gt 65535 ]; then 46 xl=`printf "%x" $(($$ - 65535))` 47 yl="1" 48 else 49 xl=`printf "%x" $$` 50 yl="" 51 fi 52 53 vnet_init 54 55 ip6a="2001:db8:6666:0000:${yl}:${id}:1:${xl}" 56 ip6b="2001:db8:6666:0000:${yl}:${id}:2:${xl}" 57 plen=96 58 59 src_ip="2001:db8:6666:0000:${yl}:${id}:3:${xl}" 60 61 script_name="../common/sender.py" 62 63 epair=$(vnet_mkepair) 64 ifconfig ${epair}a up 65 ifconfig ${epair}a inet6 ${ip6a}/${plen} 66 67 jname="v6t-${id}-${yl}-${xl}" 68 vnet_mkjail ${jname} ${epair}b 69 jexec ${jname} ifconfig ${epair}b up 70 jexec ${jname} ifconfig ${epair}b inet6 ${ip6b}/${plen} 71 72 jail_mac=`jexec ${jname} ifconfig ${epair}b ether | awk '$1~/ether/{print$2}'` 73 74 our_mac=`ifconfig ${epair}a ether | awk '$1~/ether/{print$2}'` 75 76 # wait for DAD to complete 77 while [ `jexec ${jname} ifconfig ${epair}b inet6 | grep -c tentative` != "0" ]; do 78 sleep 0.1 79 done 80 while [ `ifconfig ${epair}a inet6 | grep -c tentative` != "0" ]; do 81 sleep 0.1 82 done 83 84 jexec ${jname} sysctl net.inet6.ip6.forwarding=1 85 # As we're doing router-on-the-stick, turn sending IP redirects off: 86 jexec ${jname} sysctl net.inet6.ip6.redirect=0 87 88 atf_check -s exit:0 $(atf_get_srcdir)/${script_name} \ 89 --test_name fwd_ip6_icmp \ 90 --smac ${our_mac} --dmac ${jail_mac} \ 91 --sip ${src_ip} --dip ${ip6a} \ 92 --iface ${epair}a 93 94 # check counters are valid 95 atf_check -o match:'1 packet forwarded' jexec ${jname} netstat -sp ip6 96} 97 98fwd_ip6_gu_icmp_iface_fast_success_cleanup() { 99 100 vnet_cleanup 101} 102 103atf_test_case "fwd_ip6_gu_icmp_gw_gu_fast_success" "cleanup" 104fwd_ip6_gu_icmp_gw_gu_fast_success_head() { 105 106 atf_set descr 'Test valid IPv6 global unicast fast-forwarding to GU gw' 107 atf_set require.user root 108 atf_set require.progs scapy 109} 110 111fwd_ip6_gu_icmp_gw_gu_fast_success_body() { 112 113 ids=65528 114 id=`printf "%x" ${ids}` 115 if [ $$ -gt 65535 ]; then 116 xl=`printf "%x" $(($$ - 65535))` 117 yl="1" 118 else 119 xl=`printf "%x" $$` 120 yl="" 121 fi 122 123 vnet_init 124 125 ip6a="2001:db8:6666:0000:${yl}:${id}:1:${xl}" 126 ip6b="2001:db8:6666:0000:${yl}:${id}:2:${xl}" 127 plen=96 128 129 src_ip="2001:db8:6666:0000:${yl}:${id}:3:${xl}" 130 dst_ip="2001:db8:6666:0000:${yl}:${id}:4:${xl}" 131 132 script_name="../common/sender.py" 133 134 epair=$(vnet_mkepair) 135 ifconfig ${epair}a up 136 ifconfig ${epair}a inet6 ${ip6a}/${plen} 137 138 jname="v6t-${id}-${yl}-${xl}" 139 vnet_mkjail ${jname} ${epair}b 140 jexec ${jname} ifconfig ${epair}b up 141 jexec ${jname} ifconfig ${epair}b inet6 ${ip6b}/${plen} 142 143 jail_mac=`jexec ${jname} ifconfig ${epair}b ether | awk '$1~/ether/{print$2}'` 144 145 our_mac=`ifconfig ${epair}a ether | awk '$1~/ether/{print$2}'` 146 147 # wait for DAD to complete 148 while [ `jexec ${jname} ifconfig ${epair}b inet6 | grep -c tentative` != "0" ]; do 149 sleep 0.1 150 done 151 while [ `ifconfig ${epair}a inet6 | grep -c tentative` != "0" ]; do 152 sleep 0.1 153 done 154 155 # Add static route back to us 156 jexec ${jname} route add -6 -host ${dst_ip} ${ip6a} 157 158 jexec ${jname} sysctl net.inet6.ip6.forwarding=1 159 # As we're doing router-on-the-stick, turn sending IP redirects off: 160 jexec ${jname} sysctl net.inet6.ip6.redirect=0 161 162 atf_check -s exit:0 $(atf_get_srcdir)/${script_name} \ 163 --test_name fwd_ip6_icmp \ 164 --smac ${our_mac} --dmac ${jail_mac} \ 165 --sip ${src_ip} --dip ${dst_ip} \ 166 --iface ${epair}a 167 168 # check counters are valid 169 atf_check -o match:'1 packet forwarded' jexec ${jname} netstat -sp ip6 170} 171 172fwd_ip6_gu_icmp_gw_gu_fast_success_cleanup() { 173 174 vnet_cleanup 175} 176 177atf_test_case "fwd_ip6_gu_icmp_gw_ll_fast_success" "cleanup" 178fwd_ip6_gu_icmp_gw_ll_fast_success_head() { 179 180 atf_set descr 'Test valid IPv6 global unicast fast-forwarding to LL gw' 181 atf_set require.user root 182 atf_set require.progs scapy 183} 184 185fwd_ip6_gu_icmp_gw_ll_fast_success_body() { 186 187 ids=65527 188 id=`printf "%x" ${ids}` 189 if [ $$ -gt 65535 ]; then 190 xl=`printf "%x" $(($$ - 65535))` 191 yl="1" 192 else 193 xl=`printf "%x" $$` 194 yl="" 195 fi 196 197 vnet_init 198 199 ip6a="2001:db8:6666:0000:${yl}:${id}:1:${xl}" 200 ip6b="2001:db8:6666:0000:${yl}:${id}:2:${xl}" 201 plen=96 202 203 src_ip="2001:db8:6666:0000:${yl}:${id}:3:${xl}" 204 dst_ip="2001:db8:6666:0000:${yl}:${id}:4:${xl}" 205 206 script_name="../common/sender.py" 207 208 epair=$(vnet_mkepair) 209 ifconfig ${epair}a up 210 ifconfig ${epair}a inet6 ${ip6a}/${plen} 211 212 jname="v6t-${id}-${yl}-${xl}" 213 vnet_mkjail ${jname} ${epair}b 214 jexec ${jname} ifconfig ${epair}b up 215 jexec ${jname} ifconfig ${epair}b inet6 ${ip6b}/${plen} 216 217 jail_mac=`jexec ${jname} ifconfig ${epair}b ether | awk '$1~/ether/{print$2}'` 218 219 our_mac=`ifconfig ${epair}a ether | awk '$1~/ether/{print$2}'` 220 our_ll_ip=`ifconfig ${epair}a inet6 | awk '$1~/inet6/&& $2~/^fe80:/{print$2}' | awk -F% '{print$1}'` 221 222 # wait for DAD to complete 223 while [ `jexec ${jname} ifconfig ${epair}b inet6 | grep -c tentative` != "0" ]; do 224 sleep 0.1 225 done 226 while [ `ifconfig ${epair}a inet6 | grep -c tentative` != "0" ]; do 227 sleep 0.1 228 done 229 230 # Add static route back to us 231 atf_check -s exit:0 -o ignore jexec ${jname} route add -6 -host ${dst_ip} ${our_ll_ip}%${epair}b 232 233 jexec ${jname} sysctl net.inet6.ip6.forwarding=1 234 # As we're doing router-on-the-stick, turn sending IP redirects off: 235 jexec ${jname} sysctl net.inet6.ip6.redirect=0 236 237 atf_check -s exit:0 $(atf_get_srcdir)/${script_name} \ 238 --test_name fwd_ip6_icmp \ 239 --smac ${our_mac} --dmac ${jail_mac} \ 240 --sip ${src_ip} --dip ${dst_ip} \ 241 --iface ${epair}a 242 243 # check counters are valid 244 atf_check -o match:'1 packet forwarded' jexec ${jname} netstat -sp ip6 245} 246 247fwd_ip6_gu_icmp_gw_ll_fast_success_cleanup() { 248 249 vnet_cleanup 250} 251 252atf_test_case "fwd_ip6_gu_icmp_iface_slow_success" "cleanup" 253fwd_ip6_gu_icmp_iface_slow_success_head() { 254 255 atf_set descr 'Test valid IPv6 global unicast fast-forwarding to interface' 256 atf_set require.user root 257 atf_set require.progs scapy 258} 259 260fwd_ip6_gu_icmp_iface_slow_success_body() { 261 262 ids=65526 263 id=`printf "%x" ${ids}` 264 if [ $$ -gt 65535 ]; then 265 xl=`printf "%x" $(($$ - 65535))` 266 yl="1" 267 else 268 xl=`printf "%x" $$` 269 yl="" 270 fi 271 272 vnet_init 273 274 ip6a="2001:db8:6666:0000:${yl}:${id}:1:${xl}" 275 ip6b="2001:db8:6666:0000:${yl}:${id}:2:${xl}" 276 plen=96 277 278 src_ip="2001:db8:6666:0000:${yl}:${id}:3:${xl}" 279 280 script_name="../common/sender.py" 281 282 epair=$(vnet_mkepair) 283 ifconfig ${epair}a up 284 ifconfig ${epair}a inet6 ${ip6a}/${plen} 285 286 jname="v6t-${id}-${yl}-${xl}" 287 vnet_mkjail ${jname} ${epair}b 288 jexec ${jname} ifconfig ${epair}b up 289 jexec ${jname} ifconfig ${epair}b inet6 ${ip6b}/${plen} 290 291 jail_mac=`jexec ${jname} ifconfig ${epair}b ether | awk '$1~/ether/{print$2}'` 292 293 our_mac=`ifconfig ${epair}a ether | awk '$1~/ether/{print$2}'` 294 295 # wait for DAD to complete 296 while [ `jexec ${jname} ifconfig ${epair}b inet6 | grep -c tentative` != "0" ]; do 297 sleep 0.1 298 done 299 while [ `ifconfig ${epair}a inet6 | grep -c tentative` != "0" ]; do 300 sleep 0.1 301 done 302 303 jexec ${jname} sysctl net.inet6.ip6.forwarding=1 304 # Do not turn off route redirects to ensure slow path is on 305 306 atf_check -s exit:0 $(atf_get_srcdir)/${script_name} \ 307 --test_name fwd_ip6_icmp \ 308 --smac ${our_mac} --dmac ${jail_mac} \ 309 --sip ${src_ip} --dip ${ip6a} \ 310 --iface ${epair}a 311 312 # check counters are valid 313 atf_check -o match:'1 packet forwarded' jexec ${jname} netstat -sp ip6 314} 315 316fwd_ip6_gu_icmp_iface_slow_success_cleanup() { 317 318 vnet_cleanup 319} 320 321atf_test_case "fwd_ip6_gu_icmp_gw_gu_slow_success" "cleanup" 322fwd_ip6_gu_icmp_gw_gu_slow_success_head() { 323 324 atf_set descr 'Test valid IPv6 global unicast fast-forwarding to GU gw' 325 atf_set require.user root 326 atf_set require.progs scapy 327} 328 329fwd_ip6_gu_icmp_gw_gu_slow_success_body() { 330 331 ids=65525 332 id=`printf "%x" ${ids}` 333 if [ $$ -gt 65535 ]; then 334 xl=`printf "%x" $(($$ - 65535))` 335 yl="1" 336 else 337 xl=`printf "%x" $$` 338 yl="" 339 fi 340 341 vnet_init 342 343 ip6a="2001:db8:6666:0000:${yl}:${id}:1:${xl}" 344 ip6b="2001:db8:6666:0000:${yl}:${id}:2:${xl}" 345 plen=96 346 347 src_ip="2001:db8:6666:0000:${yl}:${id}:3:${xl}" 348 dst_ip="2001:db8:6666:0000:${yl}:${id}:4:${xl}" 349 350 script_name="../common/sender.py" 351 352 epair=$(vnet_mkepair) 353 ifconfig ${epair}a up 354 ifconfig ${epair}a inet6 ${ip6a}/${plen} 355 356 jname="v6t-${id}-${yl}-${xl}" 357 vnet_mkjail ${jname} ${epair}b 358 jexec ${jname} ifconfig ${epair}b up 359 jexec ${jname} ifconfig ${epair}b inet6 ${ip6b}/${plen} 360 361 jail_mac=`jexec ${jname} ifconfig ${epair}b ether | awk '$1~/ether/{print$2}'` 362 363 our_mac=`ifconfig ${epair}a ether | awk '$1~/ether/{print$2}'` 364 365 # wait for DAD to complete 366 while [ `jexec ${jname} ifconfig ${epair}b inet6 | grep -c tentative` != "0" ]; do 367 sleep 0.1 368 done 369 while [ `ifconfig ${epair}a inet6 | grep -c tentative` != "0" ]; do 370 sleep 0.1 371 done 372 373 # Add static route back to us 374 jexec ${jname} route add -6 -host ${dst_ip} ${ip6a} 375 376 jexec ${jname} sysctl net.inet6.ip6.forwarding=1 377 # Do not turn off route redirects to ensure slow path is on 378 379 # atf_check -s exit:0 380 $(atf_get_srcdir)/${script_name} \ 381 --test_name fwd_ip6_icmp \ 382 --smac ${our_mac} --dmac ${jail_mac} \ 383 --sip ${src_ip} --dip ${dst_ip} \ 384 --iface ${epair}a 385 jexec ${jname} netstat -sp ip6 386 387 # check counters are valid 388 atf_check -o match:'1 packet forwarded' jexec ${jname} netstat -sp ip6 389} 390 391fwd_ip6_gu_icmp_gw_gu_slow_success_cleanup() { 392 393 vnet_cleanup 394} 395 396atf_test_case "fwd_ip6_gu_icmp_gw_ll_slow_success" "cleanup" 397fwd_ip6_gu_icmp_gw_ll_slow_success_head() { 398 399 atf_set descr 'Test valid IPv6 global unicast fast-forwarding to LL gw' 400 atf_set require.user root 401 atf_set require.progs scapy 402} 403 404fwd_ip6_gu_icmp_gw_ll_slow_success_body() { 405 406 ids=65524 407 id=`printf "%x" ${ids}` 408 if [ $$ -gt 65535 ]; then 409 xl=`printf "%x" $(($$ - 65535))` 410 yl="1" 411 else 412 xl=`printf "%x" $$` 413 yl="" 414 fi 415 416 vnet_init 417 418 ip6a="2001:db8:6666:0000:${yl}:${id}:1:${xl}" 419 ip6b="2001:db8:6666:0000:${yl}:${id}:2:${xl}" 420 plen=96 421 422 src_ip="2001:db8:6666:0000:${yl}:${id}:3:${xl}" 423 dst_ip="2001:db8:6666:0000:${yl}:${id}:4:${xl}" 424 425 script_name="../common/sender.py" 426 427 epair=$(vnet_mkepair) 428 ifconfig ${epair}a up 429 ifconfig ${epair}a inet6 ${ip6a}/${plen} 430 431 jname="v6t-${id}-${yl}-${xl}" 432 vnet_mkjail ${jname} ${epair}b 433 jexec ${jname} ifconfig ${epair}b up 434 jexec ${jname} ifconfig ${epair}b inet6 ${ip6b}/${plen} 435 436 jail_mac=`jexec ${jname} ifconfig ${epair}b ether | awk '$1~/ether/{print$2}'` 437 438 our_mac=`ifconfig ${epair}a ether | awk '$1~/ether/{print$2}'` 439 our_ll_ip=`ifconfig ${epair}a inet6 | awk '$1~/inet6/&& $2~/^fe80:/{print$2}' | awk -F% '{print$1}'` 440 441 # wait for DAD to complete 442 while [ `jexec ${jname} ifconfig ${epair}b inet6 | grep -c tentative` != "0" ]; do 443 sleep 0.1 444 done 445 while [ `ifconfig ${epair}a inet6 | grep -c tentative` != "0" ]; do 446 sleep 0.1 447 done 448 449 # Add static route back to us 450 atf_check -s exit:0 -o ignore jexec ${jname} route add -6 -host ${dst_ip} ${our_ll_ip}%${epair}b 451 452 jexec ${jname} sysctl net.inet6.ip6.forwarding=1 453 # Do not turn off route redirects to ensure slow path is on 454 455 atf_check -s exit:0 $(atf_get_srcdir)/${script_name} \ 456 --test_name fwd_ip6_icmp \ 457 --smac ${our_mac} --dmac ${jail_mac} \ 458 --sip ${src_ip} --dip ${dst_ip} \ 459 --iface ${epair}a 460 461 # check counters are valid 462 atf_check -o match:'1 packet forwarded' jexec ${jname} netstat -sp ip6 463} 464 465fwd_ip6_gu_icmp_gw_ll_slow_success_cleanup() { 466 467 vnet_cleanup 468} 469 470atf_init_test_cases() 471{ 472 473 atf_add_test_case "fwd_ip6_gu_icmp_iface_fast_success" 474 atf_add_test_case "fwd_ip6_gu_icmp_gw_gu_fast_success" 475 atf_add_test_case "fwd_ip6_gu_icmp_gw_ll_fast_success" 476 atf_add_test_case "fwd_ip6_gu_icmp_iface_slow_success" 477 atf_add_test_case "fwd_ip6_gu_icmp_gw_gu_slow_success" 478 atf_add_test_case "fwd_ip6_gu_icmp_gw_ll_slow_success" 479} 480 481# end 482 483