xref: /linux/tools/testing/selftests/net/forwarding/pedit_ip.sh (revision 69050f8d6d075dc01af7a5f2f550a8067510366f) 
1#!/bin/bash
2# SPDX-License-Identifier: GPL-2.0
3
4# This test sends traffic from H1 to H2. Either on ingress of $swp1, or on
5# egress of $swp2, the traffic is acted upon by a pedit action. An ingress
6# filter installed on $h2 verifies that the packet looks like expected.
7#
8# +----------------------+                             +----------------------+
9# | H1                   |                             |                   H2 |
10# |    + $h1             |                             |            $h2 +     |
11# |    | 192.0.2.1/28    |                             |   192.0.2.2/28 |     |
12# +----|-----------------+                             +----------------|-----+
13#      |                                                                |
14# +----|----------------------------------------------------------------|-----+
15# | SW |                                                                |     |
16# |  +-|----------------------------------------------------------------|-+   |
17# |  | + $swp1                       BR                           $swp2 + |   |
18# |  +--------------------------------------------------------------------+   |
19# +---------------------------------------------------------------------------+
20
21ALL_TESTS="
22	ping_ipv4
23	ping_ipv6
24	test_ip4_src
25	test_ip4_dst
26	test_ip6_src
27	test_ip6_dst
28"
29
30NUM_NETIFS=4
31source lib.sh
32source tc_common.sh
33
34h1_create()
35{
36	simple_if_init $h1 192.0.2.1/28 2001:db8:1::1/64
37}
38
39h1_destroy()
40{
41	simple_if_fini $h1 192.0.2.1/28 2001:db8:1::1/64
42}
43
44h2_create()
45{
46	simple_if_init $h2 192.0.2.2/28 2001:db8:1::2/64
47	tc qdisc add dev $h2 clsact
48}
49
50h2_destroy()
51{
52	tc qdisc del dev $h2 clsact
53	simple_if_fini $h2 192.0.2.2/28 2001:db8:1::2/64
54}
55
56switch_create()
57{
58	ip link add name br1 up type bridge vlan_filtering 1
59	ip link set dev $swp1 master br1
60	ip link set dev $swp1 up
61	ip link set dev $swp2 master br1
62	ip link set dev $swp2 up
63
64	tc qdisc add dev $swp1 clsact
65	tc qdisc add dev $swp2 clsact
66}
67
68switch_destroy()
69{
70	tc qdisc del dev $swp2 clsact
71	tc qdisc del dev $swp1 clsact
72
73	ip link set dev $swp2 down
74	ip link set dev $swp2 nomaster
75	ip link set dev $swp1 down
76	ip link set dev $swp1 nomaster
77	ip link del dev br1
78}
79
80setup_prepare()
81{
82	h1=${NETIFS[p1]}
83	swp1=${NETIFS[p2]}
84
85	swp2=${NETIFS[p3]}
86	h2=${NETIFS[p4]}
87
88	h2mac=$(mac_get $h2)
89
90	vrf_prepare
91	h1_create
92	h2_create
93	switch_create
94
95	if [ -f /proc/sys/net/bridge/bridge-nf-call-iptables ]; then
96		sysctl_set net.bridge.bridge-nf-call-iptables 0
97	fi
98}
99
100cleanup()
101{
102	pre_cleanup
103
104	if [ -f /proc/sys/net/bridge/bridge-nf-call-iptables ]; then
105		sysctl_restore net.bridge.bridge-nf-call-iptables
106	fi
107
108	switch_destroy
109	h2_destroy
110	h1_destroy
111	vrf_cleanup
112}
113
114ping_ipv4()
115{
116	ping_test $h1 192.0.2.2
117}
118
119ping_ipv6()
120{
121	ping6_test $h1 2001:db8:1::2
122}
123
124do_test_pedit_ip()
125{
126	local pedit_locus=$1; shift
127	local pedit_action=$1; shift
128	local match_prot=$1; shift
129	local match_flower=$1; shift
130	local mz_flags=$1; shift
131
132	tc filter add $pedit_locus handle 101 pref 1 \
133	   flower action pedit ex munge $pedit_action
134	tc filter add dev $h2 ingress handle 101 pref 1 prot $match_prot \
135	   flower skip_hw $match_flower action pass
136
137	RET=0
138
139	$MZ $mz_flags $h1 -c 10 -d 20msec -p 100 -a own -b $h2mac -q -t ip
140
141	local pkts
142	pkts=$(busywait "$TC_HIT_TIMEOUT" until_counter_is ">= 10" \
143			tc_rule_handle_stats_get "dev $h2 ingress" 101)
144	check_err $? "Expected to get 10 packets, but got $pkts."
145
146	pkts=$(tc_rule_handle_stats_get "$pedit_locus" 101)
147	((pkts >= 10))
148	check_err $? "Expected to get 10 packets on pedit rule, but got $pkts."
149
150	log_test "$pedit_locus pedit $pedit_action"
151
152	tc filter del dev $h2 ingress pref 1
153	tc filter del $pedit_locus pref 1
154}
155
156do_test_pedit_ip6()
157{
158	local locus=$1; shift
159	local pedit_addr=$1; shift
160	local flower_addr=$1; shift
161
162	do_test_pedit_ip "$locus" "$pedit_addr set 2001:db8:2::1" ipv6	\
163			 "$flower_addr 2001:db8:2::1"			\
164			 "-6 -A 2001:db8:1::1 -B 2001:db8:1::2"
165}
166
167do_test_pedit_ip4()
168{
169	local locus=$1; shift
170	local pedit_addr=$1; shift
171	local flower_addr=$1; shift
172
173	do_test_pedit_ip "$locus" "$pedit_addr set 198.51.100.1" ip	\
174			 "$flower_addr 198.51.100.1"			\
175			 "-A 192.0.2.1 -B 192.0.2.2"
176}
177
178test_ip4_src()
179{
180	do_test_pedit_ip4 "dev $swp1 ingress" "ip src" src_ip
181	do_test_pedit_ip4 "dev $swp2 egress"  "ip src" src_ip
182}
183
184test_ip4_dst()
185{
186	do_test_pedit_ip4 "dev $swp1 ingress" "ip dst" dst_ip
187	do_test_pedit_ip4 "dev $swp2 egress"  "ip dst" dst_ip
188}
189
190test_ip6_src()
191{
192	do_test_pedit_ip6 "dev $swp1 ingress" "ip6 src" src_ip
193	do_test_pedit_ip6 "dev $swp2 egress"  "ip6 src" src_ip
194}
195
196test_ip6_dst()
197{
198	do_test_pedit_ip6 "dev $swp1 ingress" "ip6 dst" dst_ip
199	do_test_pedit_ip6 "dev $swp2 egress"  "ip6 dst" dst_ip
200}
201
202trap cleanup EXIT
203
204setup_prepare
205setup_wait
206
207tests_run
208
209exit $EXIT_STATUS
210