1*427e22f8Santon# $OpenBSD: Makefile,v 1.9 2023/10/19 18:36:40 anton Exp $ 2fedd0085Sbluhm 320b3c463Sbluhm# Copyright (c) 2018-2020 Alexander Bluhm <bluhm@openbsd.org> 4fedd0085Sbluhm# 5fedd0085Sbluhm# Permission to use, copy, modify, and distribute this software for any 6fedd0085Sbluhm# purpose with or without fee is hereby granted, provided that the above 7fedd0085Sbluhm# copyright notice and this permission notice appear in all copies. 8fedd0085Sbluhm# 9fedd0085Sbluhm# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 10fedd0085Sbluhm# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 11fedd0085Sbluhm# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 12fedd0085Sbluhm# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 13fedd0085Sbluhm# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 14fedd0085Sbluhm# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 15fedd0085Sbluhm# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 16fedd0085Sbluhm 17fedd0085Sbluhm# Set up two gif interfaces in different routing domains. 18fedd0085Sbluhm# Try to ping existing addresses in these domains with various tunnels. 19fedd0085Sbluhm 20e2c14723Sbluhm# This test uses routing domain and interface number 11 and 12. 21fedd0085Sbluhm# Adjust it here, if you want to use something else. 22fedd0085SbluhmN1 = 11 23fedd0085SbluhmN2 = 12 24fedd0085SbluhmNUMS = ${N1} ${N2} 25fedd0085Sbluhm 26fedd0085SbluhmTUNNEL4_SRC_ADDR4_${N1} = 10.188.44.${N1} 27fedd0085SbluhmTUNNEL4_DST_ADDR4_${N1} = 10.188.44.${N2} 28fedd0085SbluhmTUNNEL6_SRC_ADDR4_${N1} = 10.188.64.${N1} 29fedd0085SbluhmTUNNEL6_DST_ADDR4_${N1} = 10.188.64.${N2} 30fedd0085SbluhmSRC_TUNNEL4_${N1} = 10.188.4.${N1} 31fedd0085SbluhmDST_TUNNEL4_${N1} = 10.188.4.${N2} 32fedd0085SbluhmTUNNEL4_SRC_ADDR6_${N1} = fdd7:e83e:66bc:46::${N1} 33fedd0085SbluhmTUNNEL4_DST_ADDR6_${N1} = fdd7:e83e:66bc:46::${N2} 34fedd0085SbluhmTUNNEL6_SRC_ADDR6_${N1} = fdd7:e83e:66bc:66::${N1} 35fedd0085SbluhmTUNNEL6_DST_ADDR6_${N1} = fdd7:e83e:66bc:66::${N2} 36fedd0085SbluhmSRC_TUNNEL6_${N1} = fdd7:e83e:66bc:6::${N1} 37fedd0085SbluhmDST_TUNNEL6_${N1} = fdd7:e83e:66bc:6::${N2} 38fedd0085Sbluhm 39fedd0085SbluhmTUNNEL4_SRC_ADDR4_${N2} = ${TUNNEL4_DST_ADDR4_${N1}} 40fedd0085SbluhmTUNNEL4_DST_ADDR4_${N2} = ${TUNNEL4_SRC_ADDR4_${N1}} 41fedd0085SbluhmTUNNEL6_SRC_ADDR4_${N2} = ${TUNNEL6_DST_ADDR4_${N1}} 42fedd0085SbluhmTUNNEL6_DST_ADDR4_${N2} = ${TUNNEL6_SRC_ADDR4_${N1}} 43fedd0085SbluhmSRC_TUNNEL4_${N2} = ${DST_TUNNEL4_${N1}} 44fedd0085SbluhmDST_TUNNEL4_${N2} = ${SRC_TUNNEL4_${N1}} 45fedd0085SbluhmTUNNEL4_SRC_ADDR6_${N2} = ${TUNNEL4_DST_ADDR6_${N1}} 46fedd0085SbluhmTUNNEL4_DST_ADDR6_${N2} = ${TUNNEL4_SRC_ADDR6_${N1}} 47fedd0085SbluhmTUNNEL6_SRC_ADDR6_${N2} = ${TUNNEL6_DST_ADDR6_${N1}} 48fedd0085SbluhmTUNNEL6_DST_ADDR6_${N2} = ${TUNNEL6_SRC_ADDR6_${N1}} 49fedd0085SbluhmSRC_TUNNEL6_${N2} = ${DST_TUNNEL6_${N1}} 50fedd0085SbluhmDST_TUNNEL6_${N2} = ${SRC_TUNNEL6_${N1}} 51fedd0085Sbluhm 52fedd0085Sbluhm.include <bsd.own.mk> 53fedd0085Sbluhm 54fedd0085Sbluhm.if ! (make(clean) || make(cleandir) || make(obj)) 55fedd0085Sbluhm 5620b3c463SbluhmSYSCTL_FORWARDING != sysctl net.inet.ip.forwarding 57fedd0085Sbluhm.if ${SYSCTL_FORWARDING:C/.*=//} != 1 58fedd0085Sbluhmregress: 5920b3c463Sbluhm @echo sysctl: "${SYSCTL_FORWARDING}" 6020b3c463Sbluhm @echo Set sysctl to 1 to run this regress. 61fedd0085Sbluhm @echo SKIPPED 62fedd0085Sbluhm.endif 63fedd0085Sbluhm 643a262c66SbluhmPF_STATUS != ${SUDO} /sbin/pfctl -si | sed -n 's/^Status: \([^ ]*\) .*/\1/p' 6520b3c463Sbluhm.if empty(PF_STATUS:MEnabled) 66fedd0085Sbluhmregress: 6720b3c463Sbluhm @echo pf status: "${PF_STATUS}" 6820b3c463Sbluhm @echo Enable pf to run this regress. 6920b3c463Sbluhm @echo SKIPPED 7020b3c463Sbluhm.endif 714be5cdd0SantonPF_SKIP != ${SUDO} /sbin/pfctl -sI -v | sed -n 's/ (skip)//p' | \ 724be5cdd0Santon grep -w -e lo${N1} -e lo${N2} || : 734be5cdd0Santon.if ! empty(PF_SKIP) 7420b3c463Sbluhmregress: 7520b3c463Sbluhm @echo pf skip: "${PF_SKIP}" 76fedd0085Sbluhm @echo Do not set skip on interface lo, lo${N1}, or lo${N2}. 77fedd0085Sbluhm @echo SKIPPED 78fedd0085Sbluhm.endif 7920b3c463Sbluhm 803a262c66SbluhmPF_ANCHOR != ${SUDO} /sbin/pfctl -sr |\ 813a262c66Sbluhm sed -n 's/^anchor "\([^"]*\)" all$$/\1/p' 8220b3c463Sbluhm.if empty(PF_ANCHOR:Mregress) 8320b3c463Sbluhmregress: 8420b3c463Sbluhm @echo pf anchor: "${PF_ANCHOR}" 8520b3c463Sbluhm @echo Need anchor '"regress"' in pf.conf to load additional rules. 8620b3c463Sbluhm @echo SKIPPED 8720b3c463Sbluhm.endif 8820b3c463Sbluhm 89fedd0085Sbluhm.endif 90fedd0085Sbluhm 91ae9fff4eSbluhm.PHONY: busy-rdomains ifconfig unconfig pfctl 92fedd0085Sbluhm 93ae9fff4eSbluhmREGRESS_SETUP_ONCE += busy-rdomains 94ca7f5f6fSbluhmbusy-rdomains: 95ae9fff4eSbluhm # Check if rdomains are busy. 96fedd0085Sbluhm.for n in ${NUMS} 97ae9fff4eSbluhm @if /sbin/ifconfig | grep -v '^lo$n:' | grep ' rdomain $n '; then\ 98ae9fff4eSbluhm echo routing domain $n is already used >&2; exit 1; fi 99fedd0085Sbluhm.endfor 100fedd0085Sbluhm 101ae9fff4eSbluhmREGRESS_SETUP_ONCE += ifconfig 102ca7f5f6fSbluhmifconfig: unconfig 103ae9fff4eSbluhm # Create and configure loopback interfaces. 104fedd0085Sbluhm.for n in ${NUMS} 1053a262c66Sbluhm ${SUDO} /sbin/ifconfig lo$n rdomain $n 1063a262c66Sbluhm ${SUDO} /sbin/ifconfig lo$n inet 127.0.0.1/8 1073a262c66Sbluhm ${SUDO} /sbin/ifconfig lo$n inet6 ::1/128 1083a262c66Sbluhm ${SUDO} /sbin/ifconfig lo$n inet ${SRC_TUNNEL4_$n} alias 1093a262c66Sbluhm ${SUDO} /sbin/ifconfig lo$n inet6 ${SRC_TUNNEL6_$n} alias 1103a262c66Sbluhm ${SUDO} /sbin/route -n -T $n add -inet -host ${DST_TUNNEL4_$n} 127.0.0.1 1113a262c66Sbluhm ${SUDO} /sbin/route -n -T $n add -inet6 -host ${DST_TUNNEL6_$n} ::1 1123a262c66Sbluhm ${SUDO} /sbin/ifconfig gif$n4 create rdomain $n tunneldomain $n 1133a262c66Sbluhm ${SUDO} /sbin/ifconfig gif$n4 tunnel ${SRC_TUNNEL4_$n} ${DST_TUNNEL4_$n} 1143a262c66Sbluhm ${SUDO} /sbin/ifconfig gif$n4 inet ${TUNNEL4_SRC_ADDR4_$n}/32\ 115ae9fff4eSbluhm ${TUNNEL4_DST_ADDR4_$n} 1163a262c66Sbluhm ${SUDO} /sbin/ifconfig gif$n4 inet6 ${TUNNEL4_SRC_ADDR6_$n}\ 117ae9fff4eSbluhm ${TUNNEL4_DST_ADDR6_$n} 1183a262c66Sbluhm ${SUDO} /sbin/ifconfig gif$n6 create rdomain $n tunneldomain $n 1193a262c66Sbluhm ${SUDO} /sbin/ifconfig gif$n6 tunnel ${SRC_TUNNEL6_$n}\ 120ae9fff4eSbluhm ${DST_TUNNEL6_$n} 1213a262c66Sbluhm ${SUDO} /sbin/ifconfig gif$n6 inet ${TUNNEL6_SRC_ADDR4_$n}/32\ 122ae9fff4eSbluhm ${TUNNEL6_DST_ADDR4_$n} 1233a262c66Sbluhm ${SUDO} /sbin/ifconfig gif$n6 inet6 ${TUNNEL6_SRC_ADDR6_$n}\ 124ae9fff4eSbluhm ${TUNNEL6_DST_ADDR6_$n} 125fedd0085Sbluhm.endfor 1263a262c66Sbluhm # Wait until IPv6 addresses are no longer tentative. 1273a262c66Sbluhm for i in `jot 50`; do\ 1283a262c66Sbluhm if ! { /sbin/ifconfig lo${N1}; /sbin/ifconfig lo${N2};\ 1293a262c66Sbluhm /sbin/ifconfig gif${N1}4; /sbin/ifconfig gif${N1}6;\ 1303a262c66Sbluhm /sbin/ifconfig gif${N2}4; /sbin/ifconfig gif${N2}6; }\ 1313a262c66Sbluhm | fgrep -q tentative; then\ 1323a262c66Sbluhm break;\ 1333a262c66Sbluhm fi;\ 1343a262c66Sbluhm sleep .1;\ 1353a262c66Sbluhm done 1363a262c66Sbluhm ! { /sbin/ifconfig lo${N1}; /sbin/ifconfig lo${N2};\ 1373a262c66Sbluhm /sbin/ifconfig gif${N1}4; /sbin/ifconfig gif${N1}6;\ 1383a262c66Sbluhm /sbin/ifconfig gif${N2}4; /sbin/ifconfig gif${N2}6; }\ 1393a262c66Sbluhm | fgrep -q tentative 140fedd0085Sbluhm 141ae9fff4eSbluhmREGRESS_CLEANUP += unconfig 142ae9fff4eSbluhmunconfig: 143ae9fff4eSbluhm.for n in ${NUMS} 1443a262c66Sbluhm -${SUDO} /sbin/ifconfig lo$n rdomain $n 1453a262c66Sbluhm -${SUDO} /sbin/ifconfig lo$n inet 127.0.0.1 delete 1463a262c66Sbluhm -${SUDO} /sbin/ifconfig lo$n inet6 ::1 delete 1473a262c66Sbluhm -${SUDO} /sbin/ifconfig lo$n inet ${SRC_TUNNEL4_$n} delete 1483a262c66Sbluhm -${SUDO} /sbin/ifconfig lo$n inet6 ${SRC_TUNNEL6_$n} delete 1493a262c66Sbluhm -${SUDO} /sbin/ifconfig gif$n4 destroy 1503a262c66Sbluhm -${SUDO} /sbin/ifconfig gif$n6 destroy 151*427e22f8Santon -${SUDO} /sbin/ifconfig lo$n destroy 152ae9fff4eSbluhm.endfor 153ae9fff4eSbluhm rm -f stamp-ifconfig 154ae9fff4eSbluhm 155fedd0085Sbluhmaddr.py: Makefile 156ae9fff4eSbluhm # Create python include file containing the addresses. 157fedd0085Sbluhm rm -f $@ $@.tmp 158fedd0085Sbluhm.for N in N1 N2 159fedd0085Sbluhm echo '${N}="${${N}}"' >>$@.tmp 160fedd0085Sbluhm echo 'IF_${N}="lo${${N}}"' >>$@.tmp 161fedd0085Sbluhm echo 'DST_TUNNEL4_${N}="${DST_TUNNEL4_${${N}}}"' >>$@.tmp 162fedd0085Sbluhm echo 'DST_TUNNEL6_${N}="${DST_TUNNEL6_${${N}}}"' >>$@.tmp 163fedd0085Sbluhm.endfor 164fedd0085Sbluhm mv $@.tmp $@ 165fedd0085Sbluhm 166ae9fff4eSbluhmREGRESS_SETUP_ONCE += pfctl 167ae9fff4eSbluhmpfctl: addr.py pf.conf 168fedd0085Sbluhm # Load the pf rules into the kernel. 169fedd0085Sbluhm cat addr.py ${.CURDIR}/pf.conf | /sbin/pfctl -n -f - 1703a262c66Sbluhm cat addr.py ${.CURDIR}/pf.conf | ${SUDO} /sbin/pfctl -a regress -f - 1715d7c147eSbluhm # ifconfig gif inet6 DAD created tunnel states based on old pf rules 1725d7c147eSbluhm ${SUDO} /sbin/pfctl -Fs 173fedd0085Sbluhm 174fedd0085Sbluhm.for n in ${N1} ${N2} 175fedd0085Sbluhm 176ae9fff4eSbluhmREGRESS_TARGETS += run-ping-local-$n 177ae9fff4eSbluhmrun-ping-local-$n: 178ae9fff4eSbluhm # Ping localhost in routing domain $n. 179ae9fff4eSbluhm /sbin/ping -n -w 1 -c 1 -V $n 127.0.0.1 180fedd0085Sbluhm 181ae9fff4eSbluhmREGRESS_TARGETS += run-ping-src-$n 182ae9fff4eSbluhmrun-ping-src-$n: 183ae9fff4eSbluhm # Ping source address in local routing domain. SRC_TUNNEL4_$n 184ae9fff4eSbluhm /sbin/ping -n -w 1 -c 1 -V $n ${SRC_TUNNEL4_$n} 185fedd0085Sbluhm 186ae9fff4eSbluhmREGRESS_TARGETS += run-ping-dst-$n 187ae9fff4eSbluhmrun-ping-dst-$n: 188ae9fff4eSbluhm # Ping destination address in other routing domain. DST_TUNNEL4_$n 189ae9fff4eSbluhm /sbin/ping -n -w 1 -c 1 -V $n ${DST_TUNNEL4_$n} 190fedd0085Sbluhm 191ae9fff4eSbluhmREGRESS_TARGETS += run-ping-tunnel4-$n 192ae9fff4eSbluhmrun-ping-tunnel4-$n: 193ae9fff4eSbluhm # Ping IPv4 address through IPv4 tunnel. TUNNEL4_DST_ADDR4_$n 194ae9fff4eSbluhm /sbin/ping -n -w 1 -c 1 -V $n ${TUNNEL4_DST_ADDR4_$n} 195fedd0085Sbluhm 196ae9fff4eSbluhmREGRESS_TARGETS += run-ping-tunnel6-$n 197ae9fff4eSbluhmrun-ping-tunnel6-$n: 198ae9fff4eSbluhm # Ping IPv4 address through IPv6 tunnel. TUNNEL6_DST_ADDR4_$n 199ae9fff4eSbluhm /sbin/ping -n -w 1 -c 1 -V $n ${TUNNEL6_DST_ADDR4_$n} 200fedd0085Sbluhm 201ae9fff4eSbluhmREGRESS_TARGETS += run-ping6-local-$n 202ae9fff4eSbluhmrun-ping6-local-$n: 203ae9fff4eSbluhm # Ping localhost in routing domain $n. 204ae9fff4eSbluhm /sbin/ping6 -n -w 1 -c 1 -V $n ::1 205fedd0085Sbluhm 206ae9fff4eSbluhmREGRESS_TARGETS += run-ping6-src-$n 207ae9fff4eSbluhmrun-ping6-src-$n: 208ae9fff4eSbluhm # Ping source address in local routing domain. SRC_TUNNEL6_$n 209ae9fff4eSbluhm /sbin/ping6 -n -w 1 -c 1 -V $n ${SRC_TUNNEL6_$n} 210fedd0085Sbluhm 211ae9fff4eSbluhmREGRESS_TARGETS += run-ping6-dst-$n 212ae9fff4eSbluhmrun-ping6-dst-$n: 213ae9fff4eSbluhm # Ping destination address in other routing domain. DST_TUNNEL6_$n 214ae9fff4eSbluhm /sbin/ping6 -n -w 1 -c 1 -V $n ${DST_TUNNEL6_$n} 215fedd0085Sbluhm 216ae9fff4eSbluhmREGRESS_TARGETS += run-ping6-tunnel4-$n 217ae9fff4eSbluhmrun-ping6-tunnel4-$n: 218ae9fff4eSbluhm # Ping IPv6 address through IPv4 tunnel. TUNNEL4_DST_ADDR6_$n 219ae9fff4eSbluhm /sbin/ping6 -n -w 1 -c 1 -V $n ${TUNNEL4_DST_ADDR6_$n} 220fedd0085Sbluhm 221ae9fff4eSbluhmREGRESS_TARGETS += run-ping6-tunnel6-$n 222ae9fff4eSbluhmrun-ping6-tunnel6-$n: 223ae9fff4eSbluhm # Ping IPv6 address through IPv6 tunnel. TUNNEL6_DST_ADDR6_$n 224ae9fff4eSbluhm /sbin/ping6 -n -w 1 -c 1 -V $n ${TUNNEL6_DST_ADDR6_$n} 225fedd0085Sbluhm 226fedd0085Sbluhm.endfor 227fedd0085Sbluhm 228ae9fff4eSbluhmCLEANFILES += addr.py *.pyc *.log 229fedd0085Sbluhm 230fedd0085Sbluhm.include <bsd.regress.mk> 231