1# $OpenBSD: Makefile,v 1.15 2020/12/30 21:40:33 kn Exp $ 2 3# The following ports must be installed: 4# 5# scapy powerful interactive packet manipulation in python 6 7.if ! exists(/usr/local/bin/scapy) 8regress: 9 @echo Install scapy package to run this regress. 10 @echo SKIPPED 11.endif 12 13# This test needs a manual setup of two machines 14# Set up machines: LOCAL REMOTE 15# LOCAL is the machine where this makefile is running. 16# REMOTE is running OpenBSD with echo and chargen server to test PMTU 17# FAKE is an non existing machine in a non existing network. 18# REMOTE_SSH is the hostname to log in on the REMOTE machine. 19 20# Configure Addresses on the machines. 21# Adapt interface and addresse variables to your local setup. 22# 23LOCAL_IF ?= 24LOCAL_MAC ?= 25REMOTE_MAC ?= 26REMOTE_SSH ?= 27 28LOCAL_ADDR ?= 29REMOTE_ADDR ?= 30FAKE_NET ?= 31FAKE_NET_ADDR ?= 32 33LOCAL_ADDR6 ?= 34REMOTE_ADDR6 ?= 35FAKE_NET6 ?= 36FAKE_NET_ADDR6 ?= 37 38.if empty (LOCAL_IF) || empty (REMOTE_SSH) || \ 39 empty (LOCAL_MAC) || empty (REMOTE_MAC) || \ 40 empty (LOCAL_ADDR) || empty (LOCAL_ADDR6) || \ 41 empty (REMOTE_ADDR) || empty (REMOTE_ADDR6) || \ 42 empty (FAKE_NET) || empty (FAKE_NET6) || \ 43 empty (FAKE_NET_ADDR) || empty (FAKE_NET_ADDR6) 44regress: 45 @echo This tests needs a remote machine to operate on 46 @echo LOCAL_IF REMOTE_SSH LOCAL_MAC REMOTE_MAC LOCAL_ADDR LOCAL_ADDR6 47 @echo REMOTE_ADDR REMOTE_ADDR6 FAKE_NET FAKE_NET6 FAKE_NET_ADDR 48 @echo FAKE_NET_ADDR6 49 @echo are empty. Fill out these variables for additional tests. 50 @echo SKIPPED 51 52.elif make (regress) || make (all) 53.BEGIN: addr.py 54 ${SUDO} true 55 ssh -t ${REMOTE_SSH} ${SUDO} true 56 @echo 57.endif 58 59# Create python include file containing the addresses. 60addr.py: Makefile 61 rm -f $@ $@.tmp 62 echo 'LOCAL_IF = "${LOCAL_IF}"' >>$@.tmp 63 echo 'LOCAL_MAC = "${LOCAL_MAC}"' >>$@.tmp 64 echo 'REMOTE_MAC = "${REMOTE_MAC}"' >>$@.tmp 65.for var in LOCAL REMOTE FAKE_NET 66 echo '${var}_ADDR = "${${var}_ADDR}"' >>$@.tmp 67 echo '${var}_ADDR6 = "${${var}_ADDR6}"' >>$@.tmp 68.endfor 69 echo 'FAKE_NET = "${FAKE_NET}"' >>$@.tmp 70 echo 'FAKE_NET6 = "${FAKE_NET6}"' >>$@.tmp 71 mv $@.tmp $@ 72 73# Set variables so that make runs with and without obj directory. 74# Only do that if necessary to keep visible output short. 75.if ${.CURDIR} == ${.OBJDIR} 76PYTHON = python3 -u ./ 77.else 78PYTHON = PYTHONPATH=${.OBJDIR} python3 -u ${.CURDIR}/ 79.endif 80 81# Clear local and remote path mtu routes, set fake net route 82REGRESS_CLEANUP += reset-route 83reset-route: 84 ${SUDO} route -n delete -inet -host ${REMOTE_ADDR} || true 85 ssh ${REMOTE_SSH} ${SUDO} route -n delete -inet -host ${FAKE_NET_ADDR} || true 86REGRESS_CLEANUP += reset-route6 87reset-route6: 88 ${SUDO} route -n delete -inet6 -host ${REMOTE_ADDR6} || true 89 ssh ${REMOTE_SSH} ${SUDO} route -n delete -inet6 -host ${FAKE_NET_ADDR6} || true 90 91# Clear host routes and ping all addresses. This ensures that 92# the IP addresses are configured and all routing table are set up 93# to allow bidirectional packet flow. 94REGRESS_TARGETS += run-ping 95run-ping: reset-route 96.for ip in LOCAL_ADDR REMOTE_ADDR 97 @echo Check ping ${ip} 98 ping -n -c 1 ${${ip}} 99.endfor 100REGRESS_TARGETS += run-ping6 101run-ping6: reset-route6 102.for ip in LOCAL_ADDR REMOTE_ADDR 103 @echo Check ping6 ${ip}6 104 ping6 -n -c 1 ${${ip}6} 105.endfor 106 107REGRESS_TARGETS += run-pmtu 108run-pmtu: addr.py reset-route 109 @echo Send ICMP fragmentation needed after fake TCP connect 110 ${SUDO} ${PYTHON}tcp_connect.py 111REGRESS_TARGETS += run-pmtu6 112run-pmtu6: addr.py reset-route6 113 @echo Send ICMP6 packet too big after fake TCP connect 114 ${SUDO} ${PYTHON}tcp_connect6.py 115 116REGRESS_TARGETS += run-udp6 117run-udp6: addr.py reset-route6 118 @echo Send ICMP6 packet too big after UDP echo 119 ${SUDO} ${PYTHON}udp_echo6.py 120 121REGRESS_TARGETS += run-gateway6 122run-gateway6: run-udp6 123 @echo Remove gateway route of a dynamic PMTU route 124 ssh ${REMOTE_SSH} ${SUDO} route -n delete -inet6 -host ${LOCAL_ADDR6} 125 ssh ${REMOTE_SSH} route -n get -inet6 -host ${FAKE_NET_ADDR6}\ 126 >pmtu.route 127 cat pmtu.route 128 grep -q 'gateway: ${LOCAL_ADDR6}' pmtu.route 129 grep -q 'flags: <UP,GATEWAY,HOST,DYNAMIC,DONE>' pmtu.route 130 ${SUDO} ${PYTHON}udp_echo6.py 131 132REGRESS_TARGETS += run-tcpfrag6 133run-tcpfrag6: addr.py reset-route6 134 @echo Send ICMP6 and try to trigger a short TCP segment 135 ${SUDO} ${PYTHON}tcp_atomicfrag6.py 136REGRESS_TARGETS += run-udpfrag6 137run-udpfrag6: addr.py reset-route6 138 @echo Send ICMP6 and try to trigger an atomic UDP IPv6 fragment 139 ${SUDO} ${PYTHON}udp_atomicfrag6.py 140 141CLEANFILES += addr.py *.pyc *.log *.route 142 143.PHONY: check-setup check-setup-local check-setup-remote 144 145# Check wether the address, route and remote setup is correct 146check-setup: check-setup-local check-setup-remote 147 148check-setup-local: 149 @echo '\n======== $@ ========' 150 ping -n -c 1 ${LOCAL_ADDR} # LOCAL_ADDR 151 route -n get -inet ${LOCAL_ADDR} | grep -q 'flags: .*LOCAL' # LOCAL_ADDR 152 arp -na | grep -q '^${LOCAL_ADDR} * ${LOCAL_MAC} * ${LOCAL_IF} permanent' # LOCAL_ADDR LOCAL_MAC LOCAL_IF 153 ping -n -c 1 ${REMOTE_ADDR} # REMOTE_ADDR 154 route -n get -inet ${REMOTE_ADDR} | fgrep -q 'interface: ${LOCAL_IF}' # REMOTE_ADDR LOCAL_IF 155 ! ping -n -c 1 -w 1 ${FAKE_NET_ADDR} # FAKE_NET_ADDR 156 route -n get -inet ${FAKE_NET_ADDR} | grep -q 'flags: .*BLACKHOLE' # FAKE_NET_ADDR 157 route -n get -inet -net ${FAKE_NET} | grep -q 'flags: .*BLACKHOLE' # FAKE_NET 158 ping6 -n -c 1 ${LOCAL_ADDR6} # LOCAL_ADDR6 159 route -n get -inet6 ${LOCAL_ADDR6} | grep -q 'flags: .*LOCAL' # LOCAL_ADDR6 160 ndp -na | grep -q '^${LOCAL_ADDR6} * ${LOCAL_MAC} * ${LOCAL_IF} permanent' # LOCAL_ADDR6 LOCAL_MAC LOCAL_IF 161 ping6 -n -c 1 ${REMOTE_ADDR6} # REMOTE_ADDR6 162 route -n get -inet6 ${REMOTE_ADDR6} | fgrep -q 'interface: ${LOCAL_IF}' # REMOTE_ADDR6 LOCAL_IF 163 ! ping -n -c 1 -w 1 ${FAKE_NET_ADDR6} # FAKE_NET_ADDR6 164 route -n get -inet6 ${FAKE_NET_ADDR6} | grep -q 'flags: .*BLACKHOLE' # FAKE_NET_ADDR6 165 route -n get -inet6 -net ${FAKE_NET6} | grep -q 'flags: .*BLACKHOLE' # FAKE_NET6 166 167check-setup-remote: 168 @echo '\n======== $@ ========' 169 ssh ${REMOTE_SSH} ping -n -c 1 ${REMOTE_ADDR} # REMOTE_ADDR 170 ssh ${REMOTE_SSH} route -n get -inet ${REMOTE_ADDR} | grep -q 'flags: .*LOCAL' # REMOTE_ADDR 171 ssh ${REMOTE_SSH} arp -na | grep -q '^${REMOTE_ADDR} * ${REMOTE_MAC} * .* permanent' # REMOTE_ADDR REMOTE_MAC 172 ssh ${REMOTE_SSH} ping -n -c 1 ${LOCAL_ADDR} # LOCAL_ADDR 173.for ip in FAKE_NET FAKE_NET_ADDR 174 ssh ${REMOTE_SSH} route -n get -inet ${${ip}} | fgrep -q 'gateway: ${LOCAL_ADDR}' # ${ip} LOCAL_ADDR 175.endfor 176 ssh ${REMOTE_SSH} ping6 -n -c 1 ${REMOTE_ADDR6} # REMOTE_ADDR6 177 ssh ${REMOTE_SSH} route -n get -inet6 ${REMOTE_ADDR6} | grep -q 'flags: .*LOCAL' # REMOTE_ADDR6 178 ssh ${REMOTE_SSH} ndp -na | grep -q '^${REMOTE_ADDR6} * ${REMOTE_MAC} * .* permanent' # REMOTE_ADDR6 REMOTE_MAC 179 ssh ${REMOTE_SSH} ping6 -n -c 1 ${LOCAL_ADDR6} # LOCAL_ADDR6 180.for ip in FAKE_NET6 FAKE_NET_ADDR6 181 ssh ${REMOTE_SSH} route -n get -inet6 ${${ip}} | fgrep -q 'gateway: ${LOCAL_ADDR6}' # ${ip} LOCAL_ADDR6 182.endfor 183.for af in inet inet6 184 ssh ${REMOTE_SSH} netstat -na -f ${af} -p tcp | fgrep ' *.19 ' 185.endfor 186 ssh ${REMOTE_SSH} netstat -na -f inet6 -p udp | fgrep ' *.7 ' 187 ssh ${REMOTE_SSH} ${SUDO} pfctl -sr | grep '^anchor "regress" all$$' 188 ssh ${REMOTE_SSH} ${SUDO} pfctl -si | grep '^Status: Enabled ' 189 190.include <bsd.regress.mk> 191