1 #!/bin/bash
2 # SPDX-License-Identifier: GPL-2.0
3
4 ALL_TESTS="
5 vlan_modify_ingress
6 vlan_modify_egress
7 "
8
9 NUM_NETIFS=4
10 CHECK_TC="yes"
11 source lib.sh
12
13 h1_create()
14 {
15 simple_if_init $h1 192.0.2.1/28 2001:db8:1::1/64
16 vlan_create $h1 85 v$h1 192.0.2.17/28 2001:db8:2::1/64
17 }
18
19 h1_destroy()
20 {
21 vlan_destroy $h1 85
22 simple_if_fini $h1 192.0.2.1/28 2001:db8:1::1/64
23 }
24
25 h2_create()
26 {
27 simple_if_init $h2 192.0.2.2/28 2001:db8:1::2/64
28 vlan_create $h2 65 v$h2 192.0.2.18/28 2001:db8:2::2/64
29 }
30
31 h2_destroy()
32 {
33 vlan_destroy $h2 65
34 simple_if_fini $h2 192.0.2.2/28 2001:db8:1::2/64
35 }
36
37 switch_create()
38 {
39 ip link add dev br0 type bridge vlan_filtering 1 mcast_snooping 0
40
41 ip link set dev $swp1 master br0
42 ip link set dev $swp2 master br0
43
44 ip link set dev br0 up
45 ip link set dev $swp1 up
46 ip link set dev $swp2 up
47
48 bridge vlan add dev $swp1 vid 85
49 bridge vlan add dev $swp2 vid 65
50
51 bridge vlan add dev $swp2 vid 85
52 bridge vlan add dev $swp1 vid 65
53
54 tc qdisc add dev $swp1 clsact
55 tc qdisc add dev $swp2 clsact
56 }
57
58 switch_destroy()
59 {
60 tc qdisc del dev $swp2 clsact
61 tc qdisc del dev $swp1 clsact
62
63 bridge vlan del vid 65 dev $swp1
64 bridge vlan del vid 85 dev $swp2
65
66 bridge vlan del vid 65 dev $swp2
67 bridge vlan del vid 85 dev $swp1
68
69 ip link set dev $swp2 down
70 ip link set dev $swp1 down
71
72 ip link del dev br0
73 }
74
75 setup_prepare()
76 {
77 h1=${NETIFS[p1]}
78 swp1=${NETIFS[p2]}
79
80 swp2=${NETIFS[p3]}
81 h2=${NETIFS[p4]}
82
83 vrf_prepare
84
85 h1_create
86 h2_create
87
88 switch_create
89 }
90
91 cleanup()
92 {
93 pre_cleanup
94
95 switch_destroy
96
97 h2_destroy
98 h1_destroy
99
100 vrf_cleanup
101 }
102
103 vlan_modify_ingress()
104 {
105 RET=0
106
107 ping_do $h1.85 192.0.2.18
108 check_fail $? "ping between two different vlans passed when should not"
109
110 ping6_do $h1.85 2001:db8:2::2
111 check_fail $? "ping6 between two different vlans passed when should not"
112
113 tc filter add dev $swp1 ingress protocol all pref 1 handle 1 \
114 flower action vlan modify id 65
115 tc filter add dev $swp2 ingress protocol all pref 1 handle 1 \
116 flower action vlan modify id 85
117
118 ping_do $h1.85 192.0.2.18
119 check_err $? "ping between two different vlans failed when should not"
120
121 ping6_do $h1.85 2001:db8:2::2
122 check_err $? "ping6 between two different vlans failed when should not"
123
124 log_test "VLAN modify at ingress"
125
126 tc filter del dev $swp2 ingress protocol all pref 1 handle 1 flower
127 tc filter del dev $swp1 ingress protocol all pref 1 handle 1 flower
128 }
129
130 vlan_modify_egress()
131 {
132 RET=0
133
134 ping_do $h1.85 192.0.2.18
135 check_fail $? "ping between two different vlans passed when should not"
136
137 ping6_do $h1.85 2001:db8:2::2
138 check_fail $? "ping6 between two different vlans passed when should not"
139
140 tc filter add dev $swp1 egress protocol all pref 1 handle 1 \
141 flower action vlan modify id 85
142 tc filter add dev $swp2 egress protocol all pref 1 handle 1 \
143 flower action vlan modify id 65
144
145 ping_do $h1.85 192.0.2.18
146 check_err $? "ping between two different vlans failed when should not"
147
148 ping6_do $h1.85 2001:db8:2::2
149 check_err $? "ping6 between two different vlans failed when should not"
150
151 log_test "VLAN modify at egress"
152
153 tc filter del dev $swp2 egress protocol all pref 1 handle 1 flower
154 tc filter del dev $swp1 egress protocol all pref 1 handle 1 flower
155 }
156
157 trap cleanup EXIT
158
159 setup_prepare
160 setup_wait
161
162 tests_run
163
164 exit $EXIT_STATUS
Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.