1# $OpenBSD: Makefile,v 1.5 2023/10/19 18:36:40 anton Exp $ 2 3# Copyright (c) 2021 Alexander Bluhm <bluhm@openbsd.org> 4# 5# Permission to use, copy, modify, and distribute this software for any 6# purpose with or without fee is hereby granted, provided that the above 7# copyright notice and this permission notice appear in all copies. 8# 9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 16 17# Setup two pair(4) and one lo(4) interface in different routing 18# domains and with different interface MTU. 19 20# pair1 with MTU 8000 <-> pair2 <-> loopback3 21 22# Both pairs are patched. Between pair2 and loopback3 pf switches 23# the routing table. Do extensive ping tests to check that packets 24# get through. Use tcpbench for TCP path MTU discovery. The jumbo 25# frames with MTU 8000 together with switching the routing domain 26# trigger unusual code paths in the kernel. 27 28# This test uses routing domain 11, 12, 13. 29# Adjust it here, if you want to use something else. 30N1 = 11 31N2 = 12 32N3 = 13 33NUMS = ${N1} ${N2} ${N3} 34PAIRS = ${N1} ${N2} 35IP_${N1} = 169.254.1.${N1} 36IP6_${N1} = fc00:0:0:1::${N1} 37IP_${N2} = 169.254.1.${N2} 38IP6_${N2} = fc00:0:0:1::${N2} 39IP_${N3} = 169.254.0.${N3} 40IP6_${N3} = fc00::${N3} 41 42.include <bsd.own.mk> 43 44.if ! (make(clean) || make(cleandir) || make(obj)) 45 46SYSCTL_FORWARDING != sysctl net.inet.ip.forwarding 47SYSCTL_FORWARDING6 != sysctl net.inet6.ip6.forwarding 48.if ${SYSCTL_FORWARDING:C/.*=//} != 1 || ${SYSCTL_FORWARDING6:C/.*=//} != 1 49regress: 50 @echo sysctl: "${SYSCTL_FORWARDING}" "${SYSCTL_FORWARDING6}" 51 @echo Set sysctl to 1 to run this regress. 52 @echo SKIPPED 53.endif 54 55PF_STATUS != ${SUDO} /sbin/pfctl -si | sed -n 's/^Status: \([^ ]*\) .*/\1/p' 56.if empty(PF_STATUS:MEnabled) 57regress: 58 @echo pf status: "${PF_STATUS}" 59 @echo Enable pf to run this regress. 60 @echo SKIPPED 61.endif 62 63PF_SKIP != ${SUDO} /sbin/pfctl -sI -v | sed -n 's/ (skip)//p' | \ 64 grep -w -e lo${N1} -e lo${N2} -e lo${N3} || : 65.if ! empty(PF_SKIP) 66regress: 67 @echo pf skip: "${PF_SKIP}" 68 @echo Do not set skip on interface lo, lo${N1}, lo${N2} or lo${N3}. 69 @echo SKIPPED 70.endif 71 72PF_ANCHOR != ${SUDO} /sbin/pfctl -sr |\ 73 sed -n 's/^anchor "\([^"]*\)" all$$/\1/p' 74.if empty(PF_ANCHOR:Mregress) 75regress: 76 @echo pf anchor: "${PF_ANCHOR}" 77 @echo Need anchor '"regress"' in pf.conf to load additional rules. 78 @echo SKIPPED 79.endif 80 81.endif 82 83.PHONY: ifconfig unconfig pfctl 84 85REGRESS_SETUP_ONCE += ifconfig 86ifconfig: unconfig 87 # Create and configure pflog and loopback interfaces. 88.for n in ${NUMS} 89 ${SUDO} /sbin/ifconfig lo$n rdomain $n 90 ${SUDO} /sbin/ifconfig lo$n inet 127.0.0.1/8 91 ${SUDO} /sbin/ifconfig lo$n inet6 ::1/128 92 ${SUDO} /sbin/route -n -T $n add -inet 169.254.0.0/16 127.0.0.1 93 ${SUDO} /sbin/route -n -T $n add -inet6 fc00::/48 ::1 94.endfor 95.for n in ${PAIRS} 96 ${SUDO} /sbin/ifconfig pair$n rdomain $n 97 ${SUDO} /sbin/ifconfig pair$n inet ${IP_$n}/24 98 ${SUDO} /sbin/ifconfig pair$n inet6 ${IP6_$n}/64 99.endfor 100 ${SUDO} /sbin/ifconfig pair${N1} patch pair${N2} 101 ${SUDO} /sbin/ifconfig lo${N3} inet ${IP_${N3}}/24 alias 102 ${SUDO} /sbin/ifconfig lo${N3} inet6 ${IP6_${N3}}/64 103 ${SUDO} /sbin/ifconfig pair${N1} mtu 8000 104 ${SUDO} /sbin/route -n -T ${N1} add -inet ${IP_${N3}} ${IP_${N2}} 105 ${SUDO} /sbin/route -n -T ${N1} add -inet6 ${IP6_${N3}} ${IP6_${N2}} 106 # Wait until IPv6 addresses are no longer tentative. 107 for i in `jot 50`; do\ 108 if ! { /sbin/ifconfig pair${N1}; /sbin/ifconfig pair${N2};\ 109 /sbin/ifconfig lo${N3}; } | fgrep -q tentative; then\ 110 break;\ 111 fi;\ 112 sleep .1;\ 113 done 114 ! { /sbin/ifconfig pair${N1}; /sbin/ifconfig pair${N2};\ 115 /sbin/ifconfig lo${N3}; } | fgrep tentative 116 117REGRESS_CLEANUP += unconfig 118unconfig: 119 # Destroy interfaces. 120 -${SUDO} /sbin/route -n -T ${N1} delete -inet ${IP_${N3}} 121 -${SUDO} /sbin/route -n -T ${N1} delete -inet6 ${IP6_${N3}} 122 -${SUDO} /sbin/ifconfig lo${N3} rdomain ${N3} 123 -${SUDO} /sbin/ifconfig lo${N3} inet ${IP_${N3}} delete 124 -${SUDO} /sbin/ifconfig lo${N3} inet6 ${IP6_${N3}} delete 125.for n in ${PAIRS} 126 -${SUDO} /sbin/ifconfig pair$n destroy 127.endfor 128.for n in ${NUMS} 129 -${SUDO} /sbin/route -n -T $n delete -inet 169.254.0.0/16 130 -${SUDO} /sbin/route -n -T $n delete -inet6 fc00::/48 131 -${SUDO} /sbin/ifconfig lo$n inet 127.0.0.1 delete 132 -${SUDO} /sbin/ifconfig lo$n inet6 ::1 delete 133 -${SUDO} /sbin/ifconfig lo$n destroy 134.endfor 135 rm -f stamp-ifconfig 136 137addr.py: Makefile 138 # Create python include file containing the addresses. 139 rm -f $@ $@.tmp 140.for var in N1 N2 N3 141 echo '${var}="${${var}}"' >>$@.tmp 142 echo 'LO_${var}="lo${${var}}"' >>$@.tmp 143 echo 'PAIR_${var}="pair${${var}}"' >>$@.tmp 144 echo 'IP_${var}="${IP_${${var}}}"' >>$@.tmp 145 echo 'IP6_${var}="${IP6_${${var}}}"' >>$@.tmp 146.endfor 147 mv $@.tmp $@ 148 149REGRESS_SETUP_ONCE += pfctl 150pfctl: addr.py pf.conf 151 # Load the pf rules into the kernel. 152 cat addr.py ${.CURDIR}/pf.conf | /sbin/pfctl -n -f - 153 cat addr.py ${.CURDIR}/pf.conf | ${SUDO} /sbin/pfctl -a regress -f - 154 155.for f in 1 2 3 156.for t in 1 2 3 157REGRESS_TARGETS += run-ping-$f-$t 158run-ping-$f-$t: 159 /sbin/ping -c 1 -w 1 -n -V ${N$f} -I ${IP_${N$f}} ${IP_${N$t}} 160 161REGRESS_TARGETS += run-ping6-$f-$t 162run-ping6-$f-$t: 163 /sbin/ping6 -c 1 -w 1 -n -V ${N$f} -I ${IP6_${N$f}} ${IP6_${N$t}} 164 165REGRESS_TARGETS += run-tcpbench-$f-$t 166run-tcpbench-$f-$t: 167 rm -f nc.log 168 nc -4 -v -l -V ${N$t} ${IP_${N$t}} 12345 >/dev/null 2>nc.log & 169 # Wait until nc is listening. 170 for i in `jot 30`; do\ 171 if fgrep -q Listening nc.log; then break; fi; sleep .1; done 172 fgrep Listening nc.log 173 # Test that path MTU dicovery is working. 174 tcpbench -4 -t 5 -V ${N$f} -b ${IP_${N$f}} ${IP_${N$t}} 175.if $f == "3" && $t == "1" 176 # path MTU discovery must create a dynamic route 177 /sbin/route -T ${N$f} -n get -host -inet ${IP_${N$t}} | grep DYNAMIC 178.endif 179 180REGRESS_TARGETS += run-tcpbench6-$f-$t 181run-tcpbench6-$f-$t: 182 rm -f nc.log 183 nc -6 -v -l -V ${N$t} ${IP6_${N$t}} 12345 >/dev/null 2>nc.log & 184 # Wait until nc is listening. 185 for i in `jot 30`; do\ 186 if fgrep -q Listening nc.log; then break; fi; sleep .1; done 187 fgrep Listening nc.log 188 # Test that path MTU dicovery is working. 189 tcpbench -6 -t 5 -V ${N$f} -b ${IP6_${N$f}} ${IP6_${N$t}} 190.if $f == "3" && $t == "1" 191 # path MTU discovery in other rtable does not work in ip6_output() 192 /sbin/route -T ${N$f} -n get -host -inet6 ${IP6_${N$t}} 193 @echo DISABLED 194.endif 195 196.endfor 197.endfor 198 199CLEANFILES += addr.py *.pyc *.log stamp-* 200 201.include <bsd.regress.mk> 202