1 #!/bin/bash
2 # SPDX-License-Identifier: GPL-2.0
3
4 # This test sends traffic from H1 to H2. Either on ingress of $swp1, or on egress of $swp2, the
5 # traffic is acted upon by a pedit action. An ingress filter installed on $h2 verifies that the
6 # packet looks like expected.
7 #
8 # +----------------------+ +----------------------+
9 # | H1 | | H2 |
10 # | + $h1 | | $h2 + |
11 # | | 192.0.2.1/28 | | 192.0.2.2/28 | |
12 # +----|-----------------+ +----------------|-----+
13 # | |
14 # +----|----------------------------------------------------------------|-----+
15 # | SW | | |
16 # | +-|----------------------------------------------------------------|-+ |
17 # | | + $swp1 BR $swp2 + | |
18 # | +--------------------------------------------------------------------+ |
19 # +---------------------------------------------------------------------------+
20
21 ALL_TESTS="
22 ping_ipv4
23 test_udp_sport
24 test_udp_dport
25 test_tcp_sport
26 test_tcp_dport
27 "
28
29 NUM_NETIFS=4
30 source lib.sh
31 source tc_common.sh
32
33 : ${HIT_TIMEOUT:=2000} # ms
34
35 h1_create()
36 {
37 simple_if_init $h1 192.0.2.1/28 2001:db8:1::1/64
38 }
39
40 h1_destroy()
41 {
42 simple_if_fini $h1 192.0.2.1/28 2001:db8:1::1/64
43 }
44
45 h2_create()
46 {
47 simple_if_init $h2 192.0.2.2/28 2001:db8:1::2/64
48 tc qdisc add dev $h2 clsact
49 }
50
51 h2_destroy()
52 {
53 tc qdisc del dev $h2 clsact
54 simple_if_fini $h2 192.0.2.2/28 2001:db8:1::2/64
55 }
56
57 switch_create()
58 {
59 ip link add name br1 up type bridge vlan_filtering 1
60 ip link set dev $swp1 master br1
61 ip link set dev $swp1 up
62 ip link set dev $swp2 master br1
63 ip link set dev $swp2 up
64
65 tc qdisc add dev $swp1 clsact
66 tc qdisc add dev $swp2 clsact
67 }
68
69 switch_destroy()
70 {
71 tc qdisc del dev $swp2 clsact
72 tc qdisc del dev $swp1 clsact
73
74 ip link set dev $swp2 down
75 ip link set dev $swp2 nomaster
76 ip link set dev $swp1 down
77 ip link set dev $swp1 nomaster
78 ip link del dev br1
79 }
80
81 setup_prepare()
82 {
83 h1=${NETIFS[p1]}
84 swp1=${NETIFS[p2]}
85
86 swp2=${NETIFS[p3]}
87 h2=${NETIFS[p4]}
88
89 h2mac=$(mac_get $h2)
90
91 vrf_prepare
92 h1_create
93 h2_create
94 switch_create
95 }
96
97 cleanup()
98 {
99 pre_cleanup
100
101 switch_destroy
102 h2_destroy
103 h1_destroy
104 vrf_cleanup
105 }
106
107 ping_ipv4()
108 {
109 ping_test $h1 192.0.2.2
110 }
111
112 ping_ipv6()
113 {
114 ping6_test $h1 2001:db8:1::2
115 }
116
117 do_test_pedit_l4port_one()
118 {
119 local pedit_locus=$1; shift
120 local pedit_prot=$1; shift
121 local pedit_action=$1; shift
122 local match_prot=$1; shift
123 local match_flower=$1; shift
124 local mz_flags=$1; shift
125 local saddr=$1; shift
126 local daddr=$1; shift
127
128 tc filter add $pedit_locus handle 101 pref 1 \
129 flower action pedit ex munge $pedit_action
130 tc filter add dev $h2 ingress handle 101 pref 1 prot $match_prot \
131 flower skip_hw $match_flower action pass
132
133 RET=0
134
135 $MZ $mz_flags $h1 -c 10 -d 20msec -p 100 \
136 -a own -b $h2mac -q -t $pedit_prot sp=54321,dp=12345
137
138 local pkts
139 pkts=$(busywait "$TC_HIT_TIMEOUT" until_counter_is ">= 10" \
140 tc_rule_handle_stats_get "dev $h2 ingress" 101)
141 check_err $? "Expected to get 10 packets, but got $pkts."
142
143 pkts=$(tc_rule_handle_stats_get "$pedit_locus" 101)
144 ((pkts >= 10))
145 check_err $? "Expected to get 10 packets on pedit rule, but got $pkts."
146
147 log_test "$pedit_locus pedit $pedit_action"
148
149 tc filter del dev $h2 ingress pref 1
150 tc filter del $pedit_locus pref 1
151 }
152
153 do_test_pedit_l4port()
154 {
155 local locus=$1; shift
156 local prot=$1; shift
157 local pedit_port=$1; shift
158 local flower_port=$1; shift
159 local port
160
161 for port in 1 11111 65535; do
162 do_test_pedit_l4port_one "$locus" "$prot" \
163 "$prot $pedit_port set $port" \
164 ip "ip_proto $prot $flower_port $port" \
165 "-A 192.0.2.1 -B 192.0.2.2"
166 done
167 }
168
169 test_udp_sport()
170 {
171 do_test_pedit_l4port "dev $swp1 ingress" udp sport src_port
172 do_test_pedit_l4port "dev $swp2 egress" udp sport src_port
173 }
174
175 test_udp_dport()
176 {
177 do_test_pedit_l4port "dev $swp1 ingress" udp dport dst_port
178 do_test_pedit_l4port "dev $swp2 egress" udp dport dst_port
179 }
180
181 test_tcp_sport()
182 {
183 do_test_pedit_l4port "dev $swp1 ingress" tcp sport src_port
184 do_test_pedit_l4port "dev $swp2 egress" tcp sport src_port
185 }
186
187 test_tcp_dport()
188 {
189 do_test_pedit_l4port "dev $swp1 ingress" tcp dport dst_port
190 do_test_pedit_l4port "dev $swp2 egress" tcp dport dst_port
191 }
192
193 trap cleanup EXIT
194
195 setup_prepare
196 setup_wait
197
198 tests_run
199
200 exit $EXIT_STATUS
Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.