1#	$NetBSD: t_icmp_redirect.sh,v 1.6 2016/11/25 08:51:16 ozaki-r Exp $
2#
3# Copyright (c) 2015 The NetBSD Foundation, Inc.
4# All rights reserved.
5#
6# Redistribution and use in source and binary forms, with or without
7# modification, are permitted provided that the following conditions
8# are met:
9# 1. Redistributions of source code must retain the above copyright
10#    notice, this list of conditions and the following disclaimer.
11# 2. Redistributions in binary form must reproduce the above copyright
12#    notice, this list of conditions and the following disclaimer in the
13#    documentation and/or other materials provided with the distribution.
14#
15# THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
16# ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
17# TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
18# PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
19# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
20# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
21# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
22# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
23# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
24# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
25# POSSIBILITY OF SUCH DAMAGE.
26#
27
28# Most codes are derived from tests/net/route/t_flags.sh
29
30SOCK_LOCAL=unix://commsock1
31SOCK_PEER=unix://commsock2
32SOCK_GW=unix://commsock3
33BUS=bus1
34BUS2=bus2
35REDIRECT_TIMEOUT=5
36
37DEBUG=${DEBUG:-false}
38
39atf_test_case icmp_redirect_timeout cleanup
40
41icmp_redirect_timeout_head()
42{
43
44	atf_set "descr" "Tests for ICMP redirect timeout";
45	atf_set "require.progs" "rump_server";
46}
47
48setup_local()
49{
50
51	rump_server_start $SOCK_LOCAL
52	rump_server_add_iface $SOCK_LOCAL shmif0 $BUS
53
54	export RUMP_SERVER=$SOCK_LOCAL
55	atf_check -s exit:0 -o ignore rump.ifconfig shmif0 10.0.0.2/24
56	atf_check -s exit:0 -o ignore rump.ifconfig shmif0 up
57
58	atf_check -s exit:0 -o ignore rump.sysctl -w \
59	    net.inet.icmp.redirtimeout=$REDIRECT_TIMEOUT
60
61	$DEBUG && rump.ifconfig
62	$DEBUG && rump.netstat -rn -f inet
63}
64
65setup_peer()
66{
67
68	rump_server_start $SOCK_PEER
69	rump_server_add_iface $SOCK_PEER shmif0 $BUS
70
71	export RUMP_SERVER=$SOCK_PEER
72	atf_check -s exit:0 -o ignore rump.ifconfig shmif0 10.0.0.1/24
73	atf_check -s exit:0 -o ignore rump.ifconfig shmif0 up
74
75	$DEBUG && rump.ifconfig
76	$DEBUG && rump.netstat -rn -f inet
77}
78
79setup_gw()
80{
81
82	rump_server_start $SOCK_GW
83	rump_server_add_iface $SOCK_GW shmif0 $BUS
84	rump_server_add_iface $SOCK_GW shmif1 $BUS2
85
86	export RUMP_SERVER=$SOCK_GW
87	atf_check -s exit:0 -o ignore rump.ifconfig shmif0 10.0.0.254/24
88	atf_check -s exit:0 -o ignore rump.ifconfig shmif0 up
89
90	atf_check -s exit:0 -o ignore rump.ifconfig shmif1 10.0.2.1/24
91	atf_check -s exit:0 -o ignore rump.ifconfig shmif1 alias 10.0.2.2/24
92	atf_check -s exit:0 -o ignore rump.ifconfig shmif1 up
93
94	# Wait until DAD completes (10 sec at most)
95	atf_check -s exit:0 -o ignore rump.ifconfig -w 10
96	atf_check -s not-exit:0 -x "rump.ifconfig shmif1 |grep -q tentative"
97
98	$DEBUG && rump.ifconfig
99	$DEBUG && rump.netstat -rn -f inet
100}
101
102icmp_redirect_timeout_body()
103{
104
105	$DEBUG && ulimit -c unlimited
106
107	setup_local
108	setup_peer
109
110	### Testing Dynamic flag ###
111
112	#
113	# Setup a gateway 10.0.0.254. 10.0.2.1 is behind it.
114	#
115	setup_gw
116
117	#
118	# Teach the peer that 10.0.2.* is behind 10.0.0.254
119	#
120	export RUMP_SERVER=$SOCK_PEER
121	atf_check -s exit:0 -o ignore rump.route add -net 10.0.2.0/24 10.0.0.254
122	# Up, Gateway, Static
123	check_route_flags 10.0.2/24 UGS
124
125	#
126	# Setup the default gateway to the peer, 10.0.0.1
127	#
128	export RUMP_SERVER=$SOCK_LOCAL
129	atf_check -s exit:0 -o ignore rump.route add default 10.0.0.1
130	# Up, Gateway, Static
131	check_route_flags default UGS
132
133	# Try ping 10.0.2.1
134	atf_check -s exit:0 -o ignore rump.ping -n -w 1 -c 1 10.0.2.1
135	$DEBUG && rump.netstat -rn -f inet
136
137	# Up, Gateway, Host, Dynamic
138	check_route_flags 10.0.2.1 UGHD
139	check_route_gw 10.0.2.1 10.0.0.254
140
141	atf_check -s exit:0 sleep $((REDIRECT_TIMEOUT + 2))
142
143	# The dynamic entry should be expired and removed
144	check_route_no_entry 10.0.2.1
145
146	export RUMP_SERVER=$SOCK_PEER
147	$DEBUG && rump.netstat -rn -f inet
148
149	rump_server_destroy_ifaces
150}
151
152icmp_redirect_timeout_cleanup()
153{
154
155	$DEBUG && dump
156	cleanup
157}
158
159atf_test_case icmp_redirect cleanup
160
161icmp_redirect_head()
162{
163
164	atf_set "descr" "Tests for icmp redirect";
165	atf_set "require.progs" "rump_server";
166}
167
168setup_redirect()
169{
170	atf_check -s exit:0 -o ignore rump.sysctl -w \
171	    net.inet.ip.redirect=1
172}
173
174teardown_redirect()
175{
176	atf_check -s exit:0 -o ignore rump.sysctl -w \
177	    net.inet.ip.redirect=0
178}
179
180icmp_redirect_body()
181{
182
183	$DEBUG && ulimit -c unlimited
184
185	setup_local
186	setup_peer
187
188	#
189	# Setup a gateway 10.0.0.254. 10.0.2.1 is behind it.
190	#
191	setup_gw
192
193	#
194	# Teach the peer that 10.0.2.* is behind 10.0.0.254
195	#
196	export RUMP_SERVER=$SOCK_PEER
197	atf_check -s exit:0 -o ignore rump.route add -net 10.0.2.0/24 10.0.0.254
198	# Up, Gateway, Static
199	check_route_flags 10.0.2/24 UGS
200
201	#
202	# Setup the default gateway to the peer, 10.0.0.1
203	#
204	export RUMP_SERVER=$SOCK_LOCAL
205	atf_check -s exit:0 -o ignore rump.route add default 10.0.0.1
206	# Up, Gateway, Static
207	check_route_flags default UGS
208
209
210	### ICMP redirects are NOT sent by the peer ###
211
212	#
213	# Disable net.inet.ip.redirect
214	#
215	export RUMP_SERVER=$SOCK_PEER
216	teardown_redirect
217
218	# Try ping 10.0.2.1
219	export RUMP_SERVER=$SOCK_LOCAL
220	atf_check -s exit:0 -o ignore rump.ping -n -w 1 -c 1 10.0.2.1
221	$DEBUG && rump.netstat -rn -f inet
222
223	# A direct route shouldn't be created
224	check_route_no_entry 10.0.2.1
225
226
227	### ICMP redirects are sent by the peer ###
228
229	#
230	# Enable net.inet.ip.redirect
231	#
232	export RUMP_SERVER=$SOCK_PEER
233	setup_redirect
234
235	# Try ping 10.0.2.1
236	export RUMP_SERVER=$SOCK_LOCAL
237	atf_check -s exit:0 -o ignore rump.ping -n -w 1 -c 1 10.0.2.1
238	$DEBUG && rump.netstat -rn -f inet
239
240	# Up, Gateway, Host, Dynamic
241	check_route_flags 10.0.2.1 UGHD
242	check_route_gw 10.0.2.1 10.0.0.254
243
244	export RUMP_SERVER=$SOCK_PEER
245	$DEBUG && rump.netstat -rn -f inet
246
247
248	# cleanup
249	export RUMP_SERVER=$SOCK_LOCAL
250	atf_check -s exit:0 -o ignore rump.route delete 10.0.2.1
251	check_route_no_entry 10.0.2.1
252
253
254	### ICMP redirects are NOT sent by the peer (again) ###
255
256	#
257	# Disable net.inet.ip.redirect
258	#
259	export RUMP_SERVER=$SOCK_PEER
260	teardown_redirect
261
262	# Try ping 10.0.2.1
263	export RUMP_SERVER=$SOCK_LOCAL
264	atf_check -s exit:0 -o ignore rump.ping -n -w 1 -c 1 10.0.2.1
265	$DEBUG && rump.netstat -rn -f inet
266
267	# A direct route shouldn't be created
268	check_route_no_entry 10.0.2.1
269
270	rump_server_destroy_ifaces
271}
272
273icmp_redirect_cleanup()
274{
275
276	$DEBUG && dump
277	cleanup
278}
279
280atf_init_test_cases()
281{
282
283	atf_add_test_case icmp_redirect
284	atf_add_test_case icmp_redirect_timeout
285}
286