xref: /freebsd/tests/sys/netinet6/frag6/frag6_06.sh (revision 0d66206fff44f864ea8a4b220c3a53b4caa959a0)
1# $FreeBSD$
2#-
3# SPDX-License-Identifier: BSD-2-Clause
4#
5# Copyright (c) 2019 Netflix, Inc.
6#
7# Redistribution and use in source and binary forms, with or without
8# modification, are permitted provided that the following conditions
9# are met:
10# 1. Redistributions of source code must retain the above copyright
11#    notice, this list of conditions and the following disclaimer.
12# 2. Redistributions in binary form must reproduce the above copyright
13#    notice, this list of conditions and the following disclaimer in the
14#    documentation and/or other materials provided with the distribution.
15#
16# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19# ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26# SUCH DAMAGE.
27#
28
29. $(atf_get_srcdir)/frag6.subr
30
31frag6_06_pre_test_0() {
32
33	local jname ifname
34	jname=$1
35
36	case "${jname}" in
37	"")	echo "ERROR: jname is empty"; return ;;
38	esac
39
40	# Never accept fragments.
41	jexec ${jname} sysctl net.inet6.ip6.maxfragbucketsize=0
42}
43
44
45frag6_06_check_stats_0() {
46
47	local jname ifname
48	jname=$1
49	ifname=$2
50
51	case "${jname}" in
52	"")	echo "ERROR: jname is empty"; return ;;
53	esac
54	case "${ifname}" in
55	"")	echo "ERROR: ifname is empty"; return ;;
56	esac
57
58	# Defaults are: IPV6_FRAGTTL  120 slowtimo ticks.
59	# pfslowtimo() is run at hz/2.  So this takes 60s.
60	# This is awefully long for a test case.
61	# The Python script has to wait for this already to get the ICMPv6
62	# hence we do not sleep here anymore.
63
64	nf=`jexec ${jname} sysctl -n net.inet6.ip6.frag6_nfragpackets`
65	case ${nf} in
66	0)	break ;;
67	*)	atf_fail "VNET frag6_nfragpackets not 0 but: ${nf}" ;;
68	esac
69	nf=`sysctl -n net.inet6.ip6.frag6_nfrags`
70	case ${nf} in
71	0)	break ;;
72	*)	atf_fail "Global frag6_nfrags not 0 but: ${nf}" ;;
73	esac
74
75	#
76	# Check that the sysctl is set to what we expect.
77	#
78	sn=`jexec ${jname} sysctl -n net.inet6.ip6.maxfragbucketsize`
79	case "${sn}" in
80	0)	;;
81	*)	atf_fail "Sysctl net.inet6.ip6.maxfragbucketsize is ${sn} and not 0" ;;
82	esac
83
84	#
85	# Check selection of global UDP stats.
86	#
87	cat <<EOF > ${HOME}/filter-${jname}.txt
88    <received-datagrams>0</received-datagrams>
89    <dropped-incomplete-headers>0</dropped-incomplete-headers>
90    <dropped-bad-data-length>0</dropped-bad-data-length>
91    <dropped-bad-checksum>0</dropped-bad-checksum>
92    <dropped-no-checksum>0</dropped-no-checksum>
93    <dropped-no-socket>0</dropped-no-socket>
94    <dropped-broadcast-multicast>0</dropped-broadcast-multicast>
95    <dropped-full-socket-buffer>0</dropped-full-socket-buffer>
96    <not-for-hashed-pcb>0</not-for-hashed-pcb>
97EOF
98	count=`jexec ${jname} netstat -s -p udp --libxo xml,pretty | grep -E -x -c -f ${HOME}/filter-${jname}.txt`
99	rm -f ${HOME}/filter-${jname}.txt
100	case ${count} in
101	9)	;;
102	*)	jexec ${jname} netstat -s -p udp --libxo xml,pretty
103		atf_fail "Global UDP statistics do not match: ${count} != 9" ;;
104	esac
105
106
107	#
108	# Check selection of global IPv6 stats.
109	#
110	cat <<EOF > ${HOME}/filter-${jname}.txt
111    <dropped-below-minimum-size>0</dropped-below-minimum-size>
112    <dropped-short-packets>0</dropped-short-packets>
113    <dropped-bad-options>0</dropped-bad-options>
114    <dropped-bad-version>0</dropped-bad-version>
115    <received-fragments>20</received-fragments>
116    <dropped-fragment>20</dropped-fragment>
117    <dropped-fragment-after-timeout>0</dropped-fragment-after-timeout>
118    <dropped-fragments-overflow>0</dropped-fragments-overflow>
119    <atomic-fragments>0</atomic-fragments>
120    <reassembled-packets>0</reassembled-packets>
121    <forwarded-packets>0</forwarded-packets>
122    <packets-not-forwardable>0</packets-not-forwardable>
123    <sent-redirects>0</sent-redirects>
124    <send-packets-fabricated-header>0</send-packets-fabricated-header>
125    <discard-no-mbufs>0</discard-no-mbufs>
126    <discard-no-route>0</discard-no-route>
127    <sent-fragments>0</sent-fragments>
128    <fragments-created>0</fragments-created>
129    <discard-cannot-fragment>0</discard-cannot-fragment>
130    <discard-scope-violations>0</discard-scope-violations>
131EOF
132	count=`jexec ${jname} netstat -s -p ip6 --libxo xml,pretty | grep -E -x -c -f ${HOME}/filter-${jname}.txt`
133	rm -f ${HOME}/filter-${jname}.txt
134	case ${count} in
135	20)	;;
136	*)	jexec ${jname} netstat -s -p ip6 --libxo xml,pretty
137		atf_fail "Global IPv6 statistics do not match: ${count} != 20" ;;
138	esac
139
140	#
141	# Check selection of global ICMPv6 stats.
142	# XXX-TODO check output histogram (just too hard to parse [no multi-line-grep])
143	#
144	cat <<EOF > ${HOME}/filter-${jname}.txt
145    <icmp6-calls>0</icmp6-calls>
146      <no-route>0</no-route>
147      <admin-prohibited>0</admin-prohibited>
148      <beyond-scope>0</beyond-scope>
149      <address-unreachable>0</address-unreachable>
150      <port-unreachable>0</port-unreachable>
151      <packet-too-big>0</packet-too-big>
152      <time-exceed-transmit>0</time-exceed-transmit>
153      <time-exceed-reassembly>0</time-exceed-reassembly>
154      <bad-header>0</bad-header>
155      <bad-next-header>0</bad-next-header>
156      <bad-option>0</bad-option>
157      <redirects>0</redirects>
158      <unknown>0</unknown>
159      <reflect>0</reflect>
160      <too-many-nd-options>0</too-many-nd-options>
161      <bad-nd-options>0</bad-nd-options>
162      <bad-neighbor-solicitation>0</bad-neighbor-solicitation>
163      <bad-neighbor-advertisement>0</bad-neighbor-advertisement>
164      <bad-router-solicitation>0</bad-router-solicitation>
165      <bad-router-advertisement>0</bad-router-advertisement>
166      <bad-redirect>0</bad-redirect>
167EOF
168	count=`jexec ${jname} netstat -s -p icmp6 --libxo xml,pretty | grep -E -x -c -f ${HOME}/filter-${jname}.txt`
169	rm -f ${HOME}/filter-${jname}.txt
170	case ${count} in
171	22)	;;
172	*)	jexec ${jname} netstat -s -p icmp6 --libxo xml,pretty
173		atf_fail "Global ICMPv6 statistics do not match: ${count} != 22" ;;
174	esac
175
176	#
177	# Check selection of interface IPv6 stats.
178	#
179	cat <<EOF > ${HOME}/filter-${jname}.txt
180    <dropped-invalid-header>0</dropped-invalid-header>
181    <dropped-mtu-exceeded>0</dropped-mtu-exceeded>
182    <dropped-no-route>0</dropped-no-route>
183    <dropped-invalid-destination>0</dropped-invalid-destination>
184    <dropped-unknown-protocol>0</dropped-unknown-protocol>
185    <dropped-truncated>0</dropped-truncated>
186    <sent-forwarded>0</sent-forwarded>
187    <discard-packets>0</discard-packets>
188    <discard-fragments>0</discard-fragments>
189    <fragments-failed>0</fragments-failed>
190    <fragments-created>0</fragments-created>
191    <reassembly-required>20</reassembly-required>
192    <reassembled-packets>0</reassembled-packets>
193    <reassembly-failed>20</reassembly-failed>
194EOF
195	count=`jexec ${jname} netstat -s -p ip6 -I ${ifname} --libxo xml,pretty | grep -E -x -c -f ${HOME}/filter-${jname}.txt`
196	rm -f ${HOME}/filter-${jname}.txt
197	case ${count} in
198	14)	;;
199	*)	jexec ${jname} netstat -s -p ip6 -I ${ifname} --libxo xml,pretty
200		atf_fail "Interface IPv6 statistics do not match: ${count} != 14" ;;
201	esac
202
203	#
204	# Check selection of interface ICMPv6 stats.
205	#
206	cat <<EOF > ${HOME}/filter-${jname}.txt
207    <received-errors>0</received-errors>
208    <received-destination-unreachable>0</received-destination-unreachable>
209    <received-admin-prohibited>0</received-admin-prohibited>
210    <received-time-exceeded>0</received-time-exceeded>
211    <received-bad-parameter>0</received-bad-parameter>
212    <received-packet-too-big>0</received-packet-too-big>
213    <received-echo-requests>0</received-echo-requests>
214    <received-echo-replies>0</received-echo-replies>
215    <received-router-solicitation>0</received-router-solicitation>
216    <received-router-advertisement>0</received-router-advertisement>
217    <sent-errors>0</sent-errors>
218    <sent-destination-unreachable>0</sent-destination-unreachable>
219    <sent-admin-prohibited>0</sent-admin-prohibited>
220    <sent-time-exceeded>0</sent-time-exceeded>
221    <sent-bad-parameter>0</sent-bad-parameter>
222    <sent-packet-too-big>0</sent-packet-too-big>
223    <sent-echo-requests>0</sent-echo-requests>
224    <sent-echo-replies>0</sent-echo-replies>
225    <sent-router-solicitation>0</sent-router-solicitation>
226    <sent-router-advertisement>0</sent-router-advertisement>
227    <sent-redirects>0</sent-redirects>
228EOF
229	count=`jexec ${jname} netstat -s -p icmp6 -I ${ifname} --libxo xml,pretty | grep -E -x -c -f ${HOME}/filter-${jname}.txt`
230	rm -f ${HOME}/filter-${jname}.txt
231	case ${count} in
232	21)	;;
233	*)	jexec ${jname} netstat -s -p icmp6 -I ${ifname} --libxo xml,pretty
234		atf_fail "Interface ICMPv6 statistics do not match: ${count} != 21" ;;
235	esac
236}
237
238atf_test_case "frag6_06_0" "cleanup"
239frag6_06_0_head() {
240	frag6_head 6_0
241}
242
243frag6_06_0_body() {
244	frag6_body 6 frag6_06_check_stats_0 frag6_06_pre_test_0
245}
246
247frag6_06_0_cleanup() {
248	frag6_cleanup 6_0
249
250	# No need to restore the sysctl back to default as the jail is gone.
251}
252
253
254#atf_test_case "frag6_06_1" "cleanup"
255# There is no point in testing a != 0 value for net.inet6.ip6.maxfragbucketsize.
256# We would have to be able to generate hash collisions to end up in the same
257# bucket (or re-compile a kernel with only 1 bucket).
258
259
260atf_init_test_cases()
261{
262	atf_add_test_case "frag6_06_0"
263}
264