165b2b493SRoopa Prabhu#!/bin/bash 265b2b493SRoopa Prabhu# SPDX-License-Identifier: GPL-2.0 365b2b493SRoopa Prabhu 465b2b493SRoopa Prabhu# This test is for checking IPv4 and IPv6 FIB rules API 565b2b493SRoopa Prabhu 6*6c0ee7b4SHangbin Liusource lib.sh 765b2b493SRoopa Prabhuret=0 865b2b493SRoopa PrabhuPAUSE_ON_FAIL=${PAUSE_ON_FAIL:=no} 965b2b493SRoopa Prabhu 1065b2b493SRoopa PrabhuRTABLE=100 11c21a20d9SGuillaume NaultRTABLE_PEER=101 1265b2b493SRoopa PrabhuGW_IP4=192.51.100.2 1365b2b493SRoopa PrabhuSRC_IP=192.51.100.3 1465b2b493SRoopa PrabhuGW_IP6=2001:db8:1::2 1565b2b493SRoopa PrabhuSRC_IP6=2001:db8:1::3 1665b2b493SRoopa Prabhu 1765b2b493SRoopa PrabhuDEV_ADDR=192.51.100.1 1834632975SHangbin LiuDEV_ADDR6=2001:db8:1::1 1965b2b493SRoopa PrabhuDEV=dummy0 20c21a20d9SGuillaume NaultTESTS="fib_rule6 fib_rule4 fib_rule6_connect fib_rule4_connect" 21c21a20d9SGuillaume Nault 22c21a20d9SGuillaume NaultSELFTEST_PATH="" 2365b2b493SRoopa Prabhu 2465b2b493SRoopa Prabhulog_test() 2565b2b493SRoopa Prabhu{ 2665b2b493SRoopa Prabhu local rc=$1 2765b2b493SRoopa Prabhu local expected=$2 2865b2b493SRoopa Prabhu local msg="$3" 2965b2b493SRoopa Prabhu 3065b2b493SRoopa Prabhu if [ ${rc} -eq ${expected} ]; then 3165b2b493SRoopa Prabhu nsuccess=$((nsuccess+1)) 3265b2b493SRoopa Prabhu printf "\n TEST: %-50s [ OK ]\n" "${msg}" 3365b2b493SRoopa Prabhu else 34f68d7c44SHangbin Liu ret=1 3565b2b493SRoopa Prabhu nfail=$((nfail+1)) 3665b2b493SRoopa Prabhu printf "\n TEST: %-50s [FAIL]\n" "${msg}" 3765b2b493SRoopa Prabhu if [ "${PAUSE_ON_FAIL}" = "yes" ]; then 3865b2b493SRoopa Prabhu echo 3965b2b493SRoopa Prabhu echo "hit enter to continue, 'q' to quit" 4065b2b493SRoopa Prabhu read a 4165b2b493SRoopa Prabhu [ "$a" = "q" ] && exit 1 4265b2b493SRoopa Prabhu fi 4365b2b493SRoopa Prabhu fi 4465b2b493SRoopa Prabhu} 4565b2b493SRoopa Prabhu 4665b2b493SRoopa Prabhulog_section() 4765b2b493SRoopa Prabhu{ 4865b2b493SRoopa Prabhu echo 4965b2b493SRoopa Prabhu echo "######################################################################" 5065b2b493SRoopa Prabhu echo "TEST SECTION: $*" 5165b2b493SRoopa Prabhu echo "######################################################################" 5265b2b493SRoopa Prabhu} 5365b2b493SRoopa Prabhu 54c21a20d9SGuillaume Naultcheck_nettest() 55c21a20d9SGuillaume Nault{ 56c21a20d9SGuillaume Nault if which nettest > /dev/null 2>&1; then 57c21a20d9SGuillaume Nault return 0 58c21a20d9SGuillaume Nault fi 59c21a20d9SGuillaume Nault 60c21a20d9SGuillaume Nault # Add the selftest directory to PATH if not already done 61c21a20d9SGuillaume Nault if [ "${SELFTEST_PATH}" = "" ]; then 62c21a20d9SGuillaume Nault SELFTEST_PATH="$(dirname $0)" 63c21a20d9SGuillaume Nault PATH="${PATH}:${SELFTEST_PATH}" 64c21a20d9SGuillaume Nault 65c21a20d9SGuillaume Nault # Now retry with the new path 66c21a20d9SGuillaume Nault if which nettest > /dev/null 2>&1; then 67c21a20d9SGuillaume Nault return 0 68c21a20d9SGuillaume Nault fi 69c21a20d9SGuillaume Nault 70c21a20d9SGuillaume Nault if [ "${ret}" -eq 0 ]; then 71c21a20d9SGuillaume Nault ret="${ksft_skip}" 72c21a20d9SGuillaume Nault fi 73c21a20d9SGuillaume Nault echo "nettest not found (try 'make -C ${SELFTEST_PATH} nettest')" 74c21a20d9SGuillaume Nault fi 75c21a20d9SGuillaume Nault 76c21a20d9SGuillaume Nault return 1 77c21a20d9SGuillaume Nault} 78c21a20d9SGuillaume Nault 7965b2b493SRoopa Prabhusetup() 8065b2b493SRoopa Prabhu{ 8165b2b493SRoopa Prabhu set -e 82*6c0ee7b4SHangbin Liu setup_ns testns 83*6c0ee7b4SHangbin Liu IP="ip -netns $testns" 8465b2b493SRoopa Prabhu 8565b2b493SRoopa Prabhu $IP link add dummy0 type dummy 8665b2b493SRoopa Prabhu $IP link set dev dummy0 up 8734632975SHangbin Liu $IP address add $DEV_ADDR/24 dev dummy0 8834632975SHangbin Liu $IP -6 address add $DEV_ADDR6/64 dev dummy0 8965b2b493SRoopa Prabhu 9065b2b493SRoopa Prabhu set +e 9165b2b493SRoopa Prabhu} 9265b2b493SRoopa Prabhu 9365b2b493SRoopa Prabhucleanup() 9465b2b493SRoopa Prabhu{ 9565b2b493SRoopa Prabhu $IP link del dev dummy0 &> /dev/null 96*6c0ee7b4SHangbin Liu cleanup_ns $testns 9765b2b493SRoopa Prabhu} 9865b2b493SRoopa Prabhu 99c21a20d9SGuillaume Naultsetup_peer() 100c21a20d9SGuillaume Nault{ 101c21a20d9SGuillaume Nault set -e 102c21a20d9SGuillaume Nault 103*6c0ee7b4SHangbin Liu setup_ns peerns 104*6c0ee7b4SHangbin Liu IP_PEER="ip -netns $peerns" 105c21a20d9SGuillaume Nault $IP_PEER link set dev lo up 106c21a20d9SGuillaume Nault 107*6c0ee7b4SHangbin Liu ip link add name veth0 netns $testns type veth \ 108*6c0ee7b4SHangbin Liu peer name veth1 netns $peerns 109c21a20d9SGuillaume Nault $IP link set dev veth0 up 110c21a20d9SGuillaume Nault $IP_PEER link set dev veth1 up 111c21a20d9SGuillaume Nault 112c21a20d9SGuillaume Nault $IP address add 192.0.2.10 peer 192.0.2.11/32 dev veth0 113c21a20d9SGuillaume Nault $IP_PEER address add 192.0.2.11 peer 192.0.2.10/32 dev veth1 114c21a20d9SGuillaume Nault 115c21a20d9SGuillaume Nault $IP address add 2001:db8::10 peer 2001:db8::11/128 dev veth0 nodad 116c21a20d9SGuillaume Nault $IP_PEER address add 2001:db8::11 peer 2001:db8::10/128 dev veth1 nodad 117c21a20d9SGuillaume Nault 118c21a20d9SGuillaume Nault $IP_PEER address add 198.51.100.11/32 dev lo 119c21a20d9SGuillaume Nault $IP route add table $RTABLE_PEER 198.51.100.11/32 via 192.0.2.11 120c21a20d9SGuillaume Nault 121c21a20d9SGuillaume Nault $IP_PEER address add 2001:db8::1:11/128 dev lo 122c21a20d9SGuillaume Nault $IP route add table $RTABLE_PEER 2001:db8::1:11/128 via 2001:db8::11 123c21a20d9SGuillaume Nault 124c21a20d9SGuillaume Nault set +e 125c21a20d9SGuillaume Nault} 126c21a20d9SGuillaume Nault 127c21a20d9SGuillaume Naultcleanup_peer() 128c21a20d9SGuillaume Nault{ 129c21a20d9SGuillaume Nault $IP link del dev veth0 130*6c0ee7b4SHangbin Liu ip netns del $peerns 131c21a20d9SGuillaume Nault} 132c21a20d9SGuillaume Nault 13365b2b493SRoopa Prabhufib_check_iproute_support() 13465b2b493SRoopa Prabhu{ 13565b2b493SRoopa Prabhu ip rule help 2>&1 | grep -q $1 13665b2b493SRoopa Prabhu if [ $? -ne 0 ]; then 13765b2b493SRoopa Prabhu echo "SKIP: iproute2 iprule too old, missing $1 match" 13865b2b493SRoopa Prabhu return 1 13965b2b493SRoopa Prabhu fi 14065b2b493SRoopa Prabhu 14165b2b493SRoopa Prabhu ip route get help 2>&1 | grep -q $2 14265b2b493SRoopa Prabhu if [ $? -ne 0 ]; then 14365b2b493SRoopa Prabhu echo "SKIP: iproute2 get route too old, missing $2 match" 14465b2b493SRoopa Prabhu return 1 14565b2b493SRoopa Prabhu fi 14665b2b493SRoopa Prabhu 14765b2b493SRoopa Prabhu return 0 14865b2b493SRoopa Prabhu} 14965b2b493SRoopa Prabhu 15065b2b493SRoopa Prabhufib_rule6_del() 15165b2b493SRoopa Prabhu{ 15265b2b493SRoopa Prabhu $IP -6 rule del $1 15365b2b493SRoopa Prabhu log_test $? 0 "rule6 del $1" 15465b2b493SRoopa Prabhu} 15565b2b493SRoopa Prabhu 15665b2b493SRoopa Prabhufib_rule6_del_by_pref() 15765b2b493SRoopa Prabhu{ 1582e252113SGuillaume Nault pref=$($IP -6 rule show $1 table $RTABLE | cut -d ":" -f 1) 15965b2b493SRoopa Prabhu $IP -6 rule del pref $pref 16065b2b493SRoopa Prabhu} 16165b2b493SRoopa Prabhu 16265b2b493SRoopa Prabhufib_rule6_test_match_n_redirect() 16365b2b493SRoopa Prabhu{ 16465b2b493SRoopa Prabhu local match="$1" 16565b2b493SRoopa Prabhu local getmatch="$2" 16621f25cd4SGuillaume Nault local description="$3" 16765b2b493SRoopa Prabhu 16865b2b493SRoopa Prabhu $IP -6 rule add $match table $RTABLE 16965b2b493SRoopa Prabhu $IP -6 route get $GW_IP6 $getmatch | grep -q "table $RTABLE" 17021f25cd4SGuillaume Nault log_test $? 0 "rule6 check: $description" 17165b2b493SRoopa Prabhu 17265b2b493SRoopa Prabhu fib_rule6_del_by_pref "$match" 17321f25cd4SGuillaume Nault log_test $? 0 "rule6 del by pref: $description" 17465b2b493SRoopa Prabhu} 17565b2b493SRoopa Prabhu 176a410a0cfSGuillaume Naultfib_rule6_test_reject() 177a410a0cfSGuillaume Nault{ 178a410a0cfSGuillaume Nault local match="$1" 179a410a0cfSGuillaume Nault local rc 180a410a0cfSGuillaume Nault 181a410a0cfSGuillaume Nault $IP -6 rule add $match table $RTABLE 2>/dev/null 182a410a0cfSGuillaume Nault rc=$? 183a410a0cfSGuillaume Nault log_test $rc 2 "rule6 check: $match" 184a410a0cfSGuillaume Nault 185a410a0cfSGuillaume Nault if [ $rc -eq 0 ]; then 186a410a0cfSGuillaume Nault $IP -6 rule del $match table $RTABLE 187a410a0cfSGuillaume Nault fi 188a410a0cfSGuillaume Nault} 189a410a0cfSGuillaume Nault 19065b2b493SRoopa Prabhufib_rule6_test() 19165b2b493SRoopa Prabhu{ 1928af2ba9aSGuillaume Nault local getmatch 1938af2ba9aSGuillaume Nault local match 194a410a0cfSGuillaume Nault local cnt 1958af2ba9aSGuillaume Nault 19665b2b493SRoopa Prabhu # setup the fib rule redirect route 19765b2b493SRoopa Prabhu $IP -6 route add table $RTABLE default via $GW_IP6 dev $DEV onlink 19865b2b493SRoopa Prabhu 19965b2b493SRoopa Prabhu match="oif $DEV" 20065b2b493SRoopa Prabhu fib_rule6_test_match_n_redirect "$match" "$match" "oif redirect to table" 20165b2b493SRoopa Prabhu 20265b2b493SRoopa Prabhu match="from $SRC_IP6 iif $DEV" 20365b2b493SRoopa Prabhu fib_rule6_test_match_n_redirect "$match" "$match" "iif redirect to table" 20465b2b493SRoopa Prabhu 205a410a0cfSGuillaume Nault # Reject dsfield (tos) options which have ECN bits set 206a410a0cfSGuillaume Nault for cnt in $(seq 1 3); do 207a410a0cfSGuillaume Nault match="dsfield $cnt" 208a410a0cfSGuillaume Nault fib_rule6_test_reject "$match" 209a410a0cfSGuillaume Nault done 210a410a0cfSGuillaume Nault 211a410a0cfSGuillaume Nault # Don't take ECN bits into account when matching on dsfield 21265b2b493SRoopa Prabhu match="tos 0x10" 213a410a0cfSGuillaume Nault for cnt in "0x10" "0x11" "0x12" "0x13"; do 214a410a0cfSGuillaume Nault # Using option 'tos' instead of 'dsfield' as old iproute2 215a410a0cfSGuillaume Nault # versions don't support 'dsfield' in ip rule show. 216a410a0cfSGuillaume Nault getmatch="tos $cnt" 217a410a0cfSGuillaume Nault fib_rule6_test_match_n_redirect "$match" "$getmatch" \ 218a410a0cfSGuillaume Nault "$getmatch redirect to table" 219a410a0cfSGuillaume Nault done 22065b2b493SRoopa Prabhu 22165b2b493SRoopa Prabhu match="fwmark 0x64" 22265b2b493SRoopa Prabhu getmatch="mark 0x64" 22365b2b493SRoopa Prabhu fib_rule6_test_match_n_redirect "$match" "$getmatch" "fwmark redirect to table" 22465b2b493SRoopa Prabhu 22565b2b493SRoopa Prabhu fib_check_iproute_support "uidrange" "uid" 22665b2b493SRoopa Prabhu if [ $? -eq 0 ]; then 22765b2b493SRoopa Prabhu match="uidrange 100-100" 22865b2b493SRoopa Prabhu getmatch="uid 100" 22965b2b493SRoopa Prabhu fib_rule6_test_match_n_redirect "$match" "$getmatch" "uid redirect to table" 23065b2b493SRoopa Prabhu fi 23165b2b493SRoopa Prabhu 23265b2b493SRoopa Prabhu fib_check_iproute_support "sport" "sport" 23365b2b493SRoopa Prabhu if [ $? -eq 0 ]; then 23465b2b493SRoopa Prabhu match="sport 666 dport 777" 23565b2b493SRoopa Prabhu fib_rule6_test_match_n_redirect "$match" "$match" "sport and dport redirect to table" 23665b2b493SRoopa Prabhu fi 23765b2b493SRoopa Prabhu 23865b2b493SRoopa Prabhu fib_check_iproute_support "ipproto" "ipproto" 23965b2b493SRoopa Prabhu if [ $? -eq 0 ]; then 24065b2b493SRoopa Prabhu match="ipproto tcp" 24165b2b493SRoopa Prabhu fib_rule6_test_match_n_redirect "$match" "$match" "ipproto match" 24265b2b493SRoopa Prabhu fi 24365b2b493SRoopa Prabhu 24465b2b493SRoopa Prabhu fib_check_iproute_support "ipproto" "ipproto" 24565b2b493SRoopa Prabhu if [ $? -eq 0 ]; then 24615d55baeSDavid Ahern match="ipproto ipv6-icmp" 24715d55baeSDavid Ahern fib_rule6_test_match_n_redirect "$match" "$match" "ipproto ipv6-icmp match" 24865b2b493SRoopa Prabhu fi 24965b2b493SRoopa Prabhu} 25065b2b493SRoopa Prabhu 251c21a20d9SGuillaume Nault# Verify that the IPV6_TCLASS option of UDPv6 and TCPv6 sockets is properly 252c21a20d9SGuillaume Nault# taken into account when connecting the socket and when sending packets. 253c21a20d9SGuillaume Naultfib_rule6_connect_test() 254c21a20d9SGuillaume Nault{ 255c21a20d9SGuillaume Nault local dsfield 256c21a20d9SGuillaume Nault 257c21a20d9SGuillaume Nault if ! check_nettest; then 258c21a20d9SGuillaume Nault echo "SKIP: Could not run test without nettest tool" 259c21a20d9SGuillaume Nault return 260c21a20d9SGuillaume Nault fi 261c21a20d9SGuillaume Nault 262c21a20d9SGuillaume Nault setup_peer 263c21a20d9SGuillaume Nault $IP -6 rule add dsfield 0x04 table $RTABLE_PEER 264c21a20d9SGuillaume Nault 265c21a20d9SGuillaume Nault # Combine the base DS Field value (0x04) with all possible ECN values 266c21a20d9SGuillaume Nault # (Not-ECT: 0, ECT(1): 1, ECT(0): 2, CE: 3). 267c21a20d9SGuillaume Nault # The ECN bits shouldn't influence the result of the test. 268c21a20d9SGuillaume Nault for dsfield in 0x04 0x05 0x06 0x07; do 269*6c0ee7b4SHangbin Liu nettest -q -6 -B -t 5 -N $testns -O $peerns -U -D \ 270c21a20d9SGuillaume Nault -Q "${dsfield}" -l 2001:db8::1:11 -r 2001:db8::1:11 271c21a20d9SGuillaume Nault log_test $? 0 "rule6 dsfield udp connect (dsfield ${dsfield})" 272c21a20d9SGuillaume Nault 273*6c0ee7b4SHangbin Liu nettest -q -6 -B -t 5 -N $testns -O $peerns -Q "${dsfield}" \ 274c21a20d9SGuillaume Nault -l 2001:db8::1:11 -r 2001:db8::1:11 275c21a20d9SGuillaume Nault log_test $? 0 "rule6 dsfield tcp connect (dsfield ${dsfield})" 276c21a20d9SGuillaume Nault done 277c21a20d9SGuillaume Nault 278c21a20d9SGuillaume Nault $IP -6 rule del dsfield 0x04 table $RTABLE_PEER 279c21a20d9SGuillaume Nault cleanup_peer 280c21a20d9SGuillaume Nault} 281c21a20d9SGuillaume Nault 28265b2b493SRoopa Prabhufib_rule4_del() 28365b2b493SRoopa Prabhu{ 28465b2b493SRoopa Prabhu $IP rule del $1 28565b2b493SRoopa Prabhu log_test $? 0 "del $1" 28665b2b493SRoopa Prabhu} 28765b2b493SRoopa Prabhu 28865b2b493SRoopa Prabhufib_rule4_del_by_pref() 28965b2b493SRoopa Prabhu{ 2902e252113SGuillaume Nault pref=$($IP rule show $1 table $RTABLE | cut -d ":" -f 1) 29165b2b493SRoopa Prabhu $IP rule del pref $pref 29265b2b493SRoopa Prabhu} 29365b2b493SRoopa Prabhu 29465b2b493SRoopa Prabhufib_rule4_test_match_n_redirect() 29565b2b493SRoopa Prabhu{ 29665b2b493SRoopa Prabhu local match="$1" 29765b2b493SRoopa Prabhu local getmatch="$2" 29821f25cd4SGuillaume Nault local description="$3" 29965b2b493SRoopa Prabhu 30065b2b493SRoopa Prabhu $IP rule add $match table $RTABLE 30165b2b493SRoopa Prabhu $IP route get $GW_IP4 $getmatch | grep -q "table $RTABLE" 30221f25cd4SGuillaume Nault log_test $? 0 "rule4 check: $description" 30365b2b493SRoopa Prabhu 30465b2b493SRoopa Prabhu fib_rule4_del_by_pref "$match" 30521f25cd4SGuillaume Nault log_test $? 0 "rule4 del by pref: $description" 30665b2b493SRoopa Prabhu} 30765b2b493SRoopa Prabhu 308563f8e97SGuillaume Naultfib_rule4_test_reject() 309563f8e97SGuillaume Nault{ 310563f8e97SGuillaume Nault local match="$1" 311563f8e97SGuillaume Nault local rc 312563f8e97SGuillaume Nault 313563f8e97SGuillaume Nault $IP rule add $match table $RTABLE 2>/dev/null 314563f8e97SGuillaume Nault rc=$? 315563f8e97SGuillaume Nault log_test $rc 2 "rule4 check: $match" 316563f8e97SGuillaume Nault 317563f8e97SGuillaume Nault if [ $rc -eq 0 ]; then 318563f8e97SGuillaume Nault $IP rule del $match table $RTABLE 319563f8e97SGuillaume Nault fi 320563f8e97SGuillaume Nault} 321563f8e97SGuillaume Nault 32265b2b493SRoopa Prabhufib_rule4_test() 32365b2b493SRoopa Prabhu{ 3248af2ba9aSGuillaume Nault local getmatch 3258af2ba9aSGuillaume Nault local match 326563f8e97SGuillaume Nault local cnt 3278af2ba9aSGuillaume Nault 32865b2b493SRoopa Prabhu # setup the fib rule redirect route 32965b2b493SRoopa Prabhu $IP route add table $RTABLE default via $GW_IP4 dev $DEV onlink 33065b2b493SRoopa Prabhu 33165b2b493SRoopa Prabhu match="oif $DEV" 33265b2b493SRoopa Prabhu fib_rule4_test_match_n_redirect "$match" "$match" "oif redirect to table" 33365b2b493SRoopa Prabhu 334d1abf388SHangbin Liu # need enable forwarding and disable rp_filter temporarily as all the 335d1abf388SHangbin Liu # addresses are in the same subnet and egress device == ingress device. 336*6c0ee7b4SHangbin Liu ip netns exec $testns sysctl -qw net.ipv4.ip_forward=1 337*6c0ee7b4SHangbin Liu ip netns exec $testns sysctl -qw net.ipv4.conf.$DEV.rp_filter=0 33865b2b493SRoopa Prabhu match="from $SRC_IP iif $DEV" 33965b2b493SRoopa Prabhu fib_rule4_test_match_n_redirect "$match" "$match" "iif redirect to table" 340*6c0ee7b4SHangbin Liu ip netns exec $testns sysctl -qw net.ipv4.ip_forward=0 34165b2b493SRoopa Prabhu 342563f8e97SGuillaume Nault # Reject dsfield (tos) options which have ECN bits set 343563f8e97SGuillaume Nault for cnt in $(seq 1 3); do 344563f8e97SGuillaume Nault match="dsfield $cnt" 345563f8e97SGuillaume Nault fib_rule4_test_reject "$match" 346563f8e97SGuillaume Nault done 347563f8e97SGuillaume Nault 348563f8e97SGuillaume Nault # Don't take ECN bits into account when matching on dsfield 34965b2b493SRoopa Prabhu match="tos 0x10" 350563f8e97SGuillaume Nault for cnt in "0x10" "0x11" "0x12" "0x13"; do 351563f8e97SGuillaume Nault # Using option 'tos' instead of 'dsfield' as old iproute2 352563f8e97SGuillaume Nault # versions don't support 'dsfield' in ip rule show. 353563f8e97SGuillaume Nault getmatch="tos $cnt" 354563f8e97SGuillaume Nault fib_rule4_test_match_n_redirect "$match" "$getmatch" \ 355563f8e97SGuillaume Nault "$getmatch redirect to table" 356563f8e97SGuillaume Nault done 35765b2b493SRoopa Prabhu 35865b2b493SRoopa Prabhu match="fwmark 0x64" 35965b2b493SRoopa Prabhu getmatch="mark 0x64" 36065b2b493SRoopa Prabhu fib_rule4_test_match_n_redirect "$match" "$getmatch" "fwmark redirect to table" 36165b2b493SRoopa Prabhu 36265b2b493SRoopa Prabhu fib_check_iproute_support "uidrange" "uid" 36365b2b493SRoopa Prabhu if [ $? -eq 0 ]; then 36465b2b493SRoopa Prabhu match="uidrange 100-100" 36565b2b493SRoopa Prabhu getmatch="uid 100" 36665b2b493SRoopa Prabhu fib_rule4_test_match_n_redirect "$match" "$getmatch" "uid redirect to table" 36765b2b493SRoopa Prabhu fi 36865b2b493SRoopa Prabhu 36965b2b493SRoopa Prabhu fib_check_iproute_support "sport" "sport" 37065b2b493SRoopa Prabhu if [ $? -eq 0 ]; then 37165b2b493SRoopa Prabhu match="sport 666 dport 777" 37265b2b493SRoopa Prabhu fib_rule4_test_match_n_redirect "$match" "$match" "sport and dport redirect to table" 37365b2b493SRoopa Prabhu fi 37465b2b493SRoopa Prabhu 37565b2b493SRoopa Prabhu fib_check_iproute_support "ipproto" "ipproto" 37665b2b493SRoopa Prabhu if [ $? -eq 0 ]; then 37765b2b493SRoopa Prabhu match="ipproto tcp" 37865b2b493SRoopa Prabhu fib_rule4_test_match_n_redirect "$match" "$match" "ipproto tcp match" 37965b2b493SRoopa Prabhu fi 38065b2b493SRoopa Prabhu 38165b2b493SRoopa Prabhu fib_check_iproute_support "ipproto" "ipproto" 38265b2b493SRoopa Prabhu if [ $? -eq 0 ]; then 38365b2b493SRoopa Prabhu match="ipproto icmp" 38465b2b493SRoopa Prabhu fib_rule4_test_match_n_redirect "$match" "$match" "ipproto icmp match" 38565b2b493SRoopa Prabhu fi 38665b2b493SRoopa Prabhu} 38765b2b493SRoopa Prabhu 388c21a20d9SGuillaume Nault# Verify that the IP_TOS option of UDPv4 and TCPv4 sockets is properly taken 389c21a20d9SGuillaume Nault# into account when connecting the socket and when sending packets. 390c21a20d9SGuillaume Naultfib_rule4_connect_test() 391c21a20d9SGuillaume Nault{ 392c21a20d9SGuillaume Nault local dsfield 393c21a20d9SGuillaume Nault 394c21a20d9SGuillaume Nault if ! check_nettest; then 395c21a20d9SGuillaume Nault echo "SKIP: Could not run test without nettest tool" 396c21a20d9SGuillaume Nault return 397c21a20d9SGuillaume Nault fi 398c21a20d9SGuillaume Nault 399c21a20d9SGuillaume Nault setup_peer 400c21a20d9SGuillaume Nault $IP -4 rule add dsfield 0x04 table $RTABLE_PEER 401c21a20d9SGuillaume Nault 402c21a20d9SGuillaume Nault # Combine the base DS Field value (0x04) with all possible ECN values 403c21a20d9SGuillaume Nault # (Not-ECT: 0, ECT(1): 1, ECT(0): 2, CE: 3). 404c21a20d9SGuillaume Nault # The ECN bits shouldn't influence the result of the test. 405c21a20d9SGuillaume Nault for dsfield in 0x04 0x05 0x06 0x07; do 406*6c0ee7b4SHangbin Liu nettest -q -B -t 5 -N $testns -O $peerns -D -U -Q "${dsfield}" \ 407c21a20d9SGuillaume Nault -l 198.51.100.11 -r 198.51.100.11 408c21a20d9SGuillaume Nault log_test $? 0 "rule4 dsfield udp connect (dsfield ${dsfield})" 409c21a20d9SGuillaume Nault 410*6c0ee7b4SHangbin Liu nettest -q -B -t 5 -N $testns -O $peerns -Q "${dsfield}" \ 411c21a20d9SGuillaume Nault -l 198.51.100.11 -r 198.51.100.11 412c21a20d9SGuillaume Nault log_test $? 0 "rule4 dsfield tcp connect (dsfield ${dsfield})" 413c21a20d9SGuillaume Nault done 414c21a20d9SGuillaume Nault 415c21a20d9SGuillaume Nault $IP -4 rule del dsfield 0x04 table $RTABLE_PEER 416c21a20d9SGuillaume Nault cleanup_peer 417c21a20d9SGuillaume Nault} 418c21a20d9SGuillaume Nault 41965b2b493SRoopa Prabhurun_fibrule_tests() 42065b2b493SRoopa Prabhu{ 42165b2b493SRoopa Prabhu log_section "IPv4 fib rule" 42265b2b493SRoopa Prabhu fib_rule4_test 42365b2b493SRoopa Prabhu log_section "IPv6 fib rule" 42465b2b493SRoopa Prabhu fib_rule6_test 42565b2b493SRoopa Prabhu} 4269c154ab4SAlaa Mohamed################################################################################ 4279c154ab4SAlaa Mohamed# usage 4289c154ab4SAlaa Mohamed 4299c154ab4SAlaa Mohamedusage() 4309c154ab4SAlaa Mohamed{ 4319c154ab4SAlaa Mohamed cat <<EOF 4329c154ab4SAlaa Mohamedusage: ${0##*/} OPTS 4339c154ab4SAlaa Mohamed 4349c154ab4SAlaa Mohamed -t <test> Test(s) to run (default: all) 4359c154ab4SAlaa Mohamed (options: $TESTS) 4369c154ab4SAlaa MohamedEOF 4379c154ab4SAlaa Mohamed} 4389c154ab4SAlaa Mohamed 4399c154ab4SAlaa Mohamed################################################################################ 4409c154ab4SAlaa Mohamed# main 4419c154ab4SAlaa Mohamed 4429c154ab4SAlaa Mohamedwhile getopts ":t:h" opt; do 4439c154ab4SAlaa Mohamed case $opt in 4449c154ab4SAlaa Mohamed t) TESTS=$OPTARG;; 4459c154ab4SAlaa Mohamed h) usage; exit 0;; 4469c154ab4SAlaa Mohamed *) usage; exit 1;; 4479c154ab4SAlaa Mohamed esac 4489c154ab4SAlaa Mohameddone 44965b2b493SRoopa Prabhu 45065b2b493SRoopa Prabhuif [ "$(id -u)" -ne 0 ];then 45165b2b493SRoopa Prabhu echo "SKIP: Need root privileges" 4527844ec21SPo-Hsu Lin exit $ksft_skip 45365b2b493SRoopa Prabhufi 45465b2b493SRoopa Prabhu 45565b2b493SRoopa Prabhuif [ ! -x "$(command -v ip)" ]; then 45665b2b493SRoopa Prabhu echo "SKIP: Could not run test without ip tool" 4577844ec21SPo-Hsu Lin exit $ksft_skip 45865b2b493SRoopa Prabhufi 45965b2b493SRoopa Prabhu 46065b2b493SRoopa Prabhu# start clean 46165b2b493SRoopa Prabhucleanup &> /dev/null 46265b2b493SRoopa Prabhusetup 463816cda9aSAlaa Mohamedfor t in $TESTS 464816cda9aSAlaa Mohameddo 465816cda9aSAlaa Mohamed case $t in 466816cda9aSAlaa Mohamed fib_rule6_test|fib_rule6) fib_rule6_test;; 467816cda9aSAlaa Mohamed fib_rule4_test|fib_rule4) fib_rule4_test;; 468c21a20d9SGuillaume Nault fib_rule6_connect_test|fib_rule6_connect) fib_rule6_connect_test;; 469c21a20d9SGuillaume Nault fib_rule4_connect_test|fib_rule4_connect) fib_rule4_connect_test;; 470816cda9aSAlaa Mohamed 471816cda9aSAlaa Mohamed help) echo "Test names: $TESTS"; exit 0;; 472816cda9aSAlaa Mohamed 473816cda9aSAlaa Mohamed esac 474816cda9aSAlaa Mohameddone 47565b2b493SRoopa Prabhucleanup 47665b2b493SRoopa Prabhu 477f68d7c44SHangbin Liuif [ "$TESTS" != "none" ]; then 478f68d7c44SHangbin Liu printf "\nTests passed: %3d\n" ${nsuccess} 479f68d7c44SHangbin Liu printf "Tests failed: %3d\n" ${nfail} 480f68d7c44SHangbin Liufi 481f68d7c44SHangbin Liu 48265b2b493SRoopa Prabhuexit $ret 483