1#!/bin/ksh
2#	$OpenBSD: policy.sh,v 1.3 2023/02/15 14:19:08 claudio Exp $
3
4set -e
5
6BGPD=$1
7BGPDCONFIGDIR=$2
8RDOMAIN1=$3
9RDOMAIN2=$4
10PAIR1=$5
11PAIR2=$6
12
13RDOMAINS="${RDOMAIN1} ${RDOMAIN2}"
14PAIRS="${PAIR1} ${PAIR2}"
15PAIR1IP=10.12.57.254
16PAIR2IP1=10.12.57.1
17PAIR2IP2=10.12.57.2
18PAIR2IP3=10.12.57.3
19PAIR2IP4=10.12.57.4
20PAIR2IP5=10.12.57.5
21
22error_notify() {
23	echo cleanup
24	pkill -T ${RDOMAIN1} bgpd || true
25	pkill -T ${RDOMAIN2} bgpd || true
26	sleep 1
27	ifconfig ${PAIR2} destroy || true
28	ifconfig ${PAIR1} destroy || true
29	route -qn -T ${RDOMAIN1} flush || true
30	route -qn -T ${RDOMAIN2} flush || true
31	ifconfig lo${RDOMAIN1} destroy || true
32	ifconfig lo${RDOMAIN2} destroy || true
33	if [ $1 -ne 0 ]; then
34		echo FAILED
35		exit 1
36	else
37		echo SUCCESS
38	fi
39}
40
41test_bgpd() {
42	set -x
43
44	e=$1
45	shift
46
47	route -T ${RDOMAIN1} exec ${BGPD} \
48		-v -f ${BGPDCONFIGDIR}/bgpd.op.master.conf
49	i=1
50	for p in $@; do
51		route -T ${RDOMAIN2} exec ${BGPD} -DNUM=$i -DPOLICY=$p \
52			-DSOCK=\"/var/run/bgpd.sock.c$i\" \
53			-v -f ${BGPDCONFIGDIR}/bgpd.op.client.conf
54		i=$(($i + 1))
55	done
56
57	sleep 1
58	route -T ${RDOMAIN1} exec bgpctl nei group TEST up
59	sleep 1
60
61	for i in 1 2 3 4 5; do
62		route -T ${RDOMAIN1} exec bgpctl show nei PEER$i | \
63		    grep "$e"
64	done
65
66	pkill -T ${RDOMAIN1} bgpd || true
67	pkill -T ${RDOMAIN2} bgpd || true
68
69	sleep 1
70}
71
72if [ "$(id -u)" -ne 0 ]; then
73	echo need root privileges >&2
74	exit 1
75fi
76
77trap 'error_notify $?' EXIT
78
79echo check if rdomains are busy
80for n in ${RDOMAINS}; do
81	if /sbin/ifconfig | grep -v "^lo${n}:" | grep " rdomain ${n} "; then
82		echo routing domain ${n} is already used >&2
83		exit 1
84	fi
85done
86
87echo check if interfaces are busy
88for n in ${PAIRS}; do
89	/sbin/ifconfig "${n}" >/dev/null 2>&1 && \
90	    ( echo interface ${n} is already used >&2; exit 1 )
91done
92
93set -x
94
95echo setup
96ifconfig ${PAIR1} rdomain ${RDOMAIN1} ${PAIR1IP}/24 up
97ifconfig ${PAIR2} rdomain ${RDOMAIN2} ${PAIR2IP1}/24 up
98ifconfig ${PAIR2} alias ${PAIR2IP2}/32 up
99ifconfig ${PAIR2} alias ${PAIR2IP3}/32 up
100ifconfig ${PAIR2} alias ${PAIR2IP4}/32 up
101ifconfig ${PAIR2} alias ${PAIR2IP5}/32 up
102ifconfig ${PAIR1} patch ${PAIR2}
103ifconfig lo${RDOMAIN1} inet 127.0.0.1/8
104ifconfig lo${RDOMAIN2} inet 127.0.0.1/8
105
106echo test1: no policy
107test_bgpd "Last error sent: error in OPEN message, role mismatch" \
108    "none" "none" "none" "none" "none"
109
110echo test2: wrong policy
111test_bgpd "Last error sent: error in OPEN message, role mismatch" \
112    "rs" "provider" "customer" "rs" "rs-client"
113
114echo test3: correct policy
115test_bgpd "BGP state = Established, up" \
116    "peer" "rs-client" "rs" "customer" "provider"
117