1%% 2%% %CopyrightBegin% 3%% 4%% Copyright Ericsson AB 2004-2016. All Rights Reserved. 5%% 6%% Licensed under the Apache License, Version 2.0 (the "License"); 7%% you may not use this file except in compliance with the License. 8%% You may obtain a copy of the License at 9%% 10%% http://www.apache.org/licenses/LICENSE-2.0 11%% 12%% Unless required by applicable law or agreed to in writing, software 13%% distributed under the License is distributed on an "AS IS" BASIS, 14%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15%% See the License for the specific language governing permissions and 16%% limitations under the License. 17%% 18%% %CopyrightEnd% 19%% 20%% 21%%----------------------------------------------------------------- 22%% 23%% Description: 24%% Test suite for the ACL functions 25%% 26%%----------------------------------------------------------------- 27-module(orber_acl_SUITE). 28 29-include_lib("common_test/include/ct.hrl"). 30 31-define(default_timeout, test_server:minutes(5)). 32 33-define(match(ExpectedRes,Expr), 34 fun() -> 35 AcTuAlReS = (catch (Expr)), 36 case AcTuAlReS of 37 ExpectedRes -> 38 io:format("------ CORRECT RESULT ------~n~p~n", 39 [AcTuAlReS]), 40 AcTuAlReS; 41 _ -> 42 io:format("###### ERROR ERROR ######~nRESULT: ~p~n", 43 [AcTuAlReS]), 44 exit(AcTuAlReS) 45 end 46 end()). 47 48%%----------------------------------------------------------------- 49%% External exports 50%%----------------------------------------------------------------- 51-export([all/0, suite/0,groups/0,init_per_group/2,end_per_group/2]). 52 53%%----------------------------------------------------------------- 54%% Internal exports 55%%----------------------------------------------------------------- 56-compile(export_all). 57 58%%----------------------------------------------------------------- 59%% Func: all/1 60%% Args: 61%% Returns: 62%%----------------------------------------------------------------- 63suite() -> [{ct_hooks,[ts_install_cth]}]. 64 65all() -> 66 [ipv4_verify, ipv4_range, ipv4_interfaces, ipv4_bm, 67 ipv6_verify, ipv6_range, ipv6_interfaces, ipv6_bm]. 68 69groups() -> 70 []. 71 72init_per_group(_GroupName, Config) -> 73 Config. 74 75end_per_group(_GroupName, Config) -> 76 Config. 77 78 79%%----------------------------------------------------------------- 80%% Init and cleanup functions. 81%%----------------------------------------------------------------- 82init_per_suite(Config) -> 83 if 84 is_list(Config) -> 85 Config; 86 true -> 87 exit("Config not a list") 88 end. 89 90end_per_suite(Config) -> 91 Config. 92 93 94init_per_testcase(_Case, Config) -> 95 Dog=test_server:timetrap(?default_timeout), 96 [{watchdog, Dog}|Config]. 97 98 99end_per_testcase(_Case, Config) -> 100 Dog = proplists:get_value(watchdog, Config), 101 test_server:timetrap_cancel(Dog), 102 ok. 103 104%%----------------------------------------------------------------- 105%% Test Case 106%% Description: Testing IPv4 Verify Operation 107%%----------------------------------------------------------------- 108ipv4_verify(_) -> 109 ?match(true, orber_acl:verify("192.168.64.148", "192.168.64.0/17", inet)), 110 ?match({false,"192.168.128.0","192.168.255.255"}, 111 orber_acl:verify("192.168.64.148", "192.168.255.0/17", inet)), 112 ?match(true, orber_acl:verify("192.168.255.148", "192.168.128.0/17", inet)), 113 ?match(true, orber_acl:verify("192.168.128.148", "192.168.128.0/17", inet)), 114 ?match(true, orber_acl:verify("192.168.255.255", "192.168.128.0/16", inet)), 115 ?match({false,"192.168.0.0","192.168.255.255"}, 116 orber_acl:verify("192.169.255.255", "192.168.128.0/16", inet)), 117 ?match(true, orber_acl:verify("192.168.128.255", "192.168.128.0/24", inet)), 118 ?match({false,"192.168.128.0","192.168.128.255"}, 119 orber_acl:verify("192.168.255.255", "192.168.128.0/24", inet)), 120 ?match({false,"192.168.128.0","192.168.128.127"}, 121 orber_acl:verify("192.168.128.255", "192.168.128.0/25", inet)), 122 ?match(true, orber_acl:verify("192.168.128.255", "192.168.128.128/25", inet)), 123 ?match(true, orber_acl:verify("192.168.128.128", "192.168.128.128/32", inet)), 124 ?match({false,"192.168.128.128.","192.168.128.128."}, 125 orber_acl:verify("192.168.128.255", "192.168.128.128/32", inet)), 126 ?match(true, orber_acl:verify("192.168.128.128", "192.168.128.128", inet)), 127 ?match({false,"192.168.128.128.","192.168.128.128."}, 128 orber_acl:verify("192.168.128.255", "192.168.128.128", inet)), 129 ?match(true, orber_acl:verify("192.168.128.255", "192.168.128.128/7", inet)), 130 ok. 131 132%%----------------------------------------------------------------- 133%% Test Case : 134%% Description: Testing IPv4 Range Operation 135%%----------------------------------------------------------------- 136ipv4_range(_) -> 137 ?match({ok,"192.168.0.0", "192.168.127.255"}, 138 orber_acl:range("192.168.64.0/17")), 139 ?match({ok, "192.168.128.0", "192.168.255.255"}, 140 orber_acl:range("192.168.255.0/17")), 141 ?match({ok,"192.168.128.0","192.168.255.255"}, 142 orber_acl:range("192.168.128.0/17")), 143 ?match({ok,"192.168.0.0","192.168.255.255"}, 144 orber_acl:range("192.168.128.0/16")), 145 ?match({ok,"192.168.128.0","192.168.128.255"}, 146 orber_acl:range("192.168.128.0/24")), 147 ?match({ok,"192.168.128.0","192.168.128.127"}, 148 orber_acl:range("192.168.128.0/25")), 149 ?match({ok,"192.168.128.128","192.168.128.255"}, 150 orber_acl:range("192.168.128.128/25")), 151 ?match({ok,"192.168.128.128.","192.168.128.128."}, 152 orber_acl:range("192.168.128.128/32")), 153 ?match({ok,"192.168.128.128.","192.168.128.128."}, 154 orber_acl:range("192.168.128.128")), 155 ?match({ok,"192.0.0.0","193.255.255.255"}, 156 orber_acl:range("192.168.128.128/7")), 157 ok. 158 159%%----------------------------------------------------------------- 160%% Test Case : 161%% Description: Testing IPv4 Interfaces Operation 162%%----------------------------------------------------------------- 163ipv4_interfaces(_) -> 164 ?match({ok, _}, 165 orber_acl:init_acl([{tcp_in, "192.168.128.0/18", ["10.1.1.1"]}, 166 {tcp_in, "192.167.64.0/18#4001/5001", ["10.1.1.2"]}, 167 {tcp_in, "192.166.192.0/18"}], inet)), 168 {ok, IPTuple1} = ?match({ok, _}, inet:getaddr("192.168.128.0", inet)), 169 ?match({true, ["10.1.1.1"], 0}, orber_acl:match(IPTuple1, tcp_in, true)), 170 ?match({false, [], 0}, orber_acl:match(IPTuple1, tcp_out, true)), 171 {ok, IPTuple2} = ?match({ok, _}, inet:getaddr("192.167.64.0", inet)), 172 ?match({true, ["10.1.1.2"], {4001,5001}}, orber_acl:match(IPTuple2, tcp_in, true)), 173 ?match({false, [], 0}, orber_acl:match(IPTuple2, tcp_out, true)), 174 {ok, IPTuple3} = ?match({ok, _}, inet:getaddr("192.166.192.0", inet)), 175 ?match({true, [], 0}, orber_acl:match(IPTuple3, tcp_in, true)), 176 ?match(false, orber_acl:match(IPTuple3, tcp_out)), 177 ?match(ok, orber_acl:clear_acl()), 178 ok. 179 180%%----------------------------------------------------------------- 181%% Test Case : 182%% Description: Benchmarking runtime critical IPv4 Operations 183%%----------------------------------------------------------------- 184ipv4_bm(_) -> 185 ?match({ok, _, _, _}, bm2([{tcp_in, "192.168.64.0/17"}], inet, "192.168.64.148")), 186 ok. 187%%----------------------------------------------------------------- 188%% Test Case : 189%% Description: Testing IPv6 Verify Operation 190%%----------------------------------------------------------------- 191ipv6_verify(_) -> 192 case orber_test_lib:version_ok() of 193 true -> 194 ?match(true, orber_acl:verify("2002:C0A8:0:0:0:0:0:0", "2002:C0A8::/48", inet6)), 195 ?match(true, orber_acl:verify("2002:C0A8:0:FFFF:FFFF:FFFF:FFFF:FFFF", "2002:C0A8::/48", inet6)), 196 ?match({false,"2002:C0A8:0:0:0:0:0:0", "2002:C0A8:0:FFFF:FFFF:FFFF:FFFF:FFFF"}, 197 orber_acl:verify("2002:C0A8:1:FFFF:FFFF:FFFF:FFFF:FFFF", "2002:C0A8::/48", inet6)), 198 ?match(true, orber_acl:verify("2002:C0A8:1:FFFF:FFFF:FFFF:FFFF:FFFF", "2002:C0A8::/47", inet6)), 199 ?match({false,"2002:C0A8:0:0:0:0:0:0", "2002:C0A8:1:FFFF:FFFF:FFFF:FFFF:FFFF"}, 200 orber_acl:verify("2002:C0A8:2:FFFF:FFFF:FFFF:FFFF:FFFF", "2002:C0A8::/47", inet6)), 201 ok; 202 Reason -> 203 Reason 204 end. 205 206%%----------------------------------------------------------------- 207%% Test Case : 208%% Description: Testing IPv6 Range Operation 209%%----------------------------------------------------------------- 210ipv6_range(_) -> 211 case orber_test_lib:version_ok() of 212 true -> 213 ?match({ok,"2002:C0A8:0:0:0:0:0:0", "2002:C0A8:0:FFFF:FFFF:FFFF:FFFF:FFFF"}, 214 orber_acl:range("2002:C0A8::/48", inet6)), 215 ?match({ok,"2002:C0A8:0:0:0:0:0:0", "2002:C0A8:1:FFFF:FFFF:FFFF:FFFF:FFFF"}, 216 orber_acl:range("2002:C0A8::/47", inet6)), 217 ok; 218 Reason -> 219 Reason 220 end. 221 222%%----------------------------------------------------------------- 223%% Test Case : 224%% Description: Testing IPv6 Interfaces Operation 225%%----------------------------------------------------------------- 226ipv6_interfaces(_) -> 227 case orber_test_lib:version_ok() of 228 true -> 229 ?match({ok, _}, orber_acl:init_acl([{tcp_in, "2002:C0A8::/49", ["0:0:0:0:0:0:10.1.1.1"]}], inet6)), 230 {ok, IPTuple1} = ?match({ok, _}, inet:getaddr("2002:C0A8:0:7FFF:FFFF:FFFF:FFFF:FFFF", inet6)), 231 ?match({true, ["0:0:0:0:0:0:10.1.1.1"], 0}, orber_acl:match(IPTuple1, tcp_in, true)), 232 ?match(false, orber_acl:match(IPTuple1, tcp_out)), 233 ?match(ok, orber_acl:clear_acl()), 234 ok; 235 Reason -> 236 Reason 237 end. 238 239%%----------------------------------------------------------------- 240%% Test Case : 241%% Description: Benchmarking runtime critical IPv6 Operations 242%%----------------------------------------------------------------- 243ipv6_bm(_) -> 244 case orber_test_lib:version_ok() of 245 true -> 246 ?match({ok, _, _, _}, bm2([{tcp_in, "2002:C0A8::/48"}], inet6, "2002:C0A8:0:0:0:0:0:0")), 247 ok; 248 Reason -> 249 Reason 250 end. 251 252%%----------------------------------------------------------------- 253%% Local Functions 254%%----------------------------------------------------------------- 255-define(NO_OF_TIMES, 1000). 256 257bm2(Filters, Family, Ip) -> 258 {ok, IPTuple} = inet:getaddr(Ip, Family), 259 orber_acl:init_acl(Filters, Family), 260 TimeBefore1 = erlang:timestamp(), 261 bm_loop(IPTuple, ?NO_OF_TIMES), 262 TimeAfter1 = erlang:timestamp(), 263 orber_acl:clear_acl(), 264 Time1 = computeTime(TimeBefore1, TimeAfter1), 265 orber_acl:init_acl(Filters, Family), 266 TimeBefore2 = erlang:timestamp(), 267 bm_loop2(Ip, ?NO_OF_TIMES, Family), 268 TimeAfter2 = erlang:timestamp(), 269 orber_acl:clear_acl(), 270 Time2 = computeTime(TimeBefore2, TimeAfter2), 271 orber_acl:init_acl(Filters, Family), 272 TimeBefore3 = erlang:timestamp(), 273 bm_loop2(IPTuple, ?NO_OF_TIMES, Family), 274 TimeAfter3 = erlang:timestamp(), 275 orber_acl:clear_acl(), 276 Time3 = computeTime(TimeBefore3, TimeAfter3), 277 {ok, round(?NO_OF_TIMES/Time1), round(?NO_OF_TIMES/Time2), round(?NO_OF_TIMES/Time3)}. 278 279 280bm_loop(_Ip, 0) -> 281 ok; 282bm_loop(Ip, N) -> 283 true = orber_acl:match(Ip, tcp_in), 284 bm_loop(Ip, N-1). 285 286bm_loop2(_Ip, 0, _Family) -> 287 ok; 288bm_loop2(Ip, N, Family) -> 289 {ok, IPTuple} = inet:getaddr(Ip, Family), 290 true = orber_acl:match(IPTuple, tcp_in), 291 bm_loop2(Ip, N-1, Family). 292 293computeTime({_MegaSecb, Secb, MicroSecb}, {_MegaSeca, Seca, MicroSeca}) -> 294 (Seca - Secb) + ((MicroSeca - MicroSecb) / 1000000). 295 296 297%%----------------------------------------------------------------- 298%% END OF MODULE 299%%----------------------------------------------------------------- 300