The nwfilter tests have a few places that hardcode 192.168.122 as the address of libvirt's default network. Remove all of these and replace them with addresses that are dynamically determined based on get_network_ip(). (This will have the immediate effect of helping the tests to succeed when libvirt-tck is run in a virtual machine, since virtual machines often have their default network set to a different subnet (in order to avoid conflict with the L0 host's default network)). Signed-off-by: Laine Stump <laine@xxxxxxxxx> --- New in V2. Another patch not necessarily related to $subject of the cover letter, but useful to have. scripts/nwfilter/210-no-mac-spoofing.t | 9 ++++++--- scripts/nwfilter/220-no-ip-spoofing.t | 14 ++++++++++---- scripts/nwfilter/230-no-mac-broadcast.t | 8 ++++++-- scripts/nwfilter/240-no-arp-spoofing.t | 19 ++++++++++++++----- 4 files changed, 36 insertions(+), 14 deletions(-) diff --git a/scripts/nwfilter/210-no-mac-spoofing.t b/scripts/nwfilter/210-no-mac-spoofing.t index 148fbeb..7b74f94 100644 --- a/scripts/nwfilter/210-no-mac-spoofing.t +++ b/scripts/nwfilter/210-no-mac-spoofing.t @@ -42,6 +42,10 @@ END { $tck->cleanup if $tck; } +my $networkip = get_network_ip($conn, "default"); +my $networkipaddr = $networkip->addr(); +diag "network ip is $networkip, individual ip is $networkipaddr"; + # create first domain and start it my $xml = $tck->generic_domain(name => "tck", fullos => 1, netmode => "network", @@ -71,7 +75,7 @@ my $mac = get_first_macaddress($dom); diag "mac is $mac"; my $guestip = get_ip_from_leases($conn, "default", $mac); -diag "ip is $guestip"; +diag "guest ip is $guestip"; # check ebtables entry my $ebtables = (-e '/sbin/ebtables') ? '/sbin/ebtables' : '/usr/sbin/ebtables'; @@ -82,7 +86,6 @@ $_ = $mac; s/00/0/g; ok($ebtable =~ $_, "check ebtables entry"); -my $gateway = "192.168.122.1"; my $macfalse = "52:54:00:f9:21:22"; my $ping = `ping -c 10 $guestip`; diag $ping; 
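Review bot: In the first hunk of scripts/nwfilter/210-no-mac-spoofing.t the result of `get_network_ip($conn, "default")` is dereferenced with `->addr()` on the very next line, with no check that a value came back. The helper is not visible in this patch, so this is inferred, but if it can return undef (for example when the default network has no IPv4 address) the test dies on a method call on an undefined value instead of a readable harness message. A guard such as `BAIL_OUT "no IPv4 address found for network 'default'" unless defined $networkip;` before the `->addr()` call would make that failure explicit. The same lines are added to 230-no-mac-broadcast.t and 240-no-arp-spoofing.t, and already appear as context in 220-no-ip-spoofing.t.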
@@ -104,7 +107,7 @@ ip link set \\\$DEV down ip link set \\\$DEV address ${macfalse} ip link set \\\$DEV up ip addr show dev \\\$DEV -ping -c 10 ${gateway} 2>&1 +ping -c 10 ${networkipaddr} 2>&1 ip link set \\\$DEV down ip link set \\\$DEV address ${mac} ip link set \\\$DEV up diff --git a/scripts/nwfilter/220-no-ip-spoofing.t b/scripts/nwfilter/220-no-ip-spoofing.t index 2f454c5..85c4807 100644 --- a/scripts/nwfilter/220-no-ip-spoofing.t +++ b/scripts/nwfilter/220-no-ip-spoofing.t @@ -45,7 +45,6 @@ END { my $networkip = get_network_ip($conn, "default"); my $networkipaddr = $networkip->addr(); diag "network ip is $networkip, individual ip is $networkipaddr"; - # create first domain and start it my $xml = $tck->generic_domain(name => "tck", fullos => 1, @@ -71,7 +70,14 @@ my $mac = get_first_macaddress($dom); diag "mac is $mac"; my $guestip = get_ip_from_leases($conn, "default", $mac); -diag "ip is $guestip"; +diag "guest ip is $guestip"; + +my $spoofip = $networkip + 1; +if ($spoofip->addr() eq $guestip) { + $spoofip++; +} +my $spoofipaddr = $spoofip->addr(); +diag "spoof ip is $spoofipaddr"; # check ebtables entry my $ebtables = (-e '/sbin/ebtables') ? '/sbin/ebtables' : '/usr/sbin/ebtables'; @@ -96,11 +102,11 @@ ip addr show \\\$DEV kill \\\$(pidof dhclient) ip link set \\\$DEV down ip addr flush dev \\\$DEV -ip addr add 192.168.122.183/\\\$MASK dev \\\$DEV +ip addr add ${spoofipaddr}/\\\$MASK dev \\\$DEV ip link set \\\$DEV up ip addr show \\\$DEV sleep 1 -ping -c 1 192.168.122.1 +ping -c 1 ${networkipaddr} ip link set \\\$DEV down ip addr flush dev \\\$DEV ip addr add ${guestip}/\\\$MASK dev \\\$DEV diff --git a/scripts/nwfilter/230-no-mac-broadcast.t b/scripts/nwfilter/230-no-mac-broadcast.t index 6f5318a..08695ae 100644 --- a/scripts/nwfilter/230-no-mac-broadcast.t +++ b/scripts/nwfilter/230-no-mac-broadcast.t 
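Review bot: The spoof address computed in the `@@ -71,7 +70,14 @@` hunk of 220-no-ip-spoofing.t is compared only against `$guestip`, so `$networkip + 1` or the address after it can still belong to another host holding a lease on the default network. In that case this test would configure a live address inside the guest, and the identical block added to 240-no-arp-spoofing.t could capture genuine `is-at` replies from the real owner and report a false failure. The arithmetic also assumes the prefix leaves spare host addresses; how `+` and `++` behave at the edge of a small subnet depends on the object `get_network_ip()` returns, which is not visible here. A comment stating the precondition, e.g. `# assumes the one or two addresses after the bridge IP are not in use by another host`, or a check of the candidate against the network's current leases, would make the assumption explicit.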
@@ -41,6 +41,10 @@ END { $tck->cleanup if $tck; } +my $networkip = get_network_ip($conn, "default"); +my $networkipbroadcast = $networkip->broadcast()->addr(); +diag "network ip is $networkip, broadcast address is $networkipbroadcast"; + # create first domain and start it my $xml = $tck->generic_domain(name => "tck", fullos => 1, netmode => "network", @@ -80,7 +84,7 @@ ok($ebtable =~ "-d Broadcast -j DROP", "check ebtables entry for \"-d Broadcast # prepare tcpdump diag "prepare tcpdump"; -system("/usr/sbin/tcpdump -v -i virbr0 -n host 192.168.122.255 and ether host ff:ff:ff:ff:ff:ff 2> /tmp/tcpdump.log &"); +system("/usr/sbin/tcpdump -v -i virbr0 -n host $networkipbroadcast and ether host ff:ff:ff:ff:ff:ff 2> /tmp/tcpdump.log &"); # log into guest diag "ssh'ing into $guestip"; @@ -92,7 +96,7 @@ my $ssh = Net::OpenSSH->new($guestip, # now generate a mac broadcast paket diag "generate mac broadcast"; my $cmdfile = <<EOF; -echo 'ping -c 1 192.168.122.255 -b' > /test.sh +echo 'ping -c 1 $networkipbroadcast -b' > /test.sh EOF diag $cmdfile; my ($stdout, $stderr) = $ssh->capture2($cmdfile); diff --git a/scripts/nwfilter/240-no-arp-spoofing.t b/scripts/nwfilter/240-no-arp-spoofing.t index a8ab7a5..350b604 100644 --- a/scripts/nwfilter/240-no-arp-spoofing.t +++ b/scripts/nwfilter/240-no-arp-spoofing.t @@ -34,8 +34,6 @@ use Test::Exception; use Net::OpenSSH; use File::Spec::Functions qw(catfile catdir rootdir); -my $spoofid = "192.168.122.183"; - my $tck = Sys::Virt::TCK->new(); my $conn = eval { $tck->setup(); }; BAIL_OUT "failed to setup test harness: $@" if $@; @@ -43,6 +41,10 @@ END { $tck->cleanup if $tck; } +my $networkip = get_network_ip($conn, "default"); +my $networkipaddr = $networkip->addr(); +diag "network ip is $networkip, individual ip is $networkipaddr"; + # create first domain and start it my $xml = $tck->generic_domain(name => "tck", fullos => 1, netmode => "network", 
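Review bot: The tcpdump command in the `@@ -80,7 +84,7 @@` hunk of 230-no-mac-broadcast.t now takes the broadcast address from the network but still captures on the hardcoded interface `virbr0`. On a host where the default network uses a different bridge, the capture would presumably see no traffic, so the log would say nothing about what the filter did. The bridge name could be read from the same network, for example `my $bridge = $conn->get_network_by_name("default")->get_bridge_name();`, and interpolated in place of `virbr0`. The line also keeps the fixed path `/tmp/tcpdump.log`; that predates this patch, but a predictable file in /tmp written by a test that presumably runs as root would be better replaced with a File::Temp path while the line is being touched.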
@@ -72,7 +74,14 @@ my $mac = get_first_macaddress($dom); diag "mac is $mac"; my $guestip = get_ip_from_leases($conn, "default", $mac); -diag "ip is $guestip"; +diag "guest ip is $guestip"; + +my $spoofip = $networkip + 1; +if ($spoofip->addr() eq $guestip) { + $spoofip++; +} +my $spoofipaddr = $spoofip->addr(); +diag "spoof ip is $spoofipaddr"; # check ebtables entry my $ebtables = (-e '/sbin/ebtables') ? '/sbin/ebtables' : '/usr/sbin/ebtables'; @@ -95,7 +104,7 @@ my $ssh = Net::OpenSSH->new($guestip, # now generate a arp spoofing packets diag "generate arpspoof script"; my $cmdfile = <<EOF; -echo "arpspoof ${spoofid} & +echo "arpspoof ${spoofipaddr} & sleep 10 kill -15 \\\$(pidof arpspoof)" > /test.sh EOF @@ -127,7 +136,7 @@ system("kill -15 `/sbin/pidof tcpdump`"); diag "tcpdump.log:"; my $tcpdumplog = `cat /tmp/tcpdump.log`; diag($tcpdumplog); -ok($tcpdumplog !~ "${spoofid} is-at", "tcpdump expected to capture no arp reply packets"); +ok($tcpdumplog !~ "${spoofipaddr} is-at", "tcpdump expected to capture no arp reply packets"); shutdown_vm_gracefully($dom); -- 2.14.3 -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list
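Review bot: In the `@@ -127,7 +136,7 @@` hunk of 240-no-arp-spoofing.t the string `"${spoofipaddr} is-at"` is applied as a regular expression, so the dots in the address match any character and nothing anchors the pattern on the left. With a computed address, an unrelated address whose tail matches (a longer first octet ending in the same digits, say) could satisfy the pattern and fail the test spuriously. Quoting and bounding the value keeps the assertion tied to exactly that address: `ok($tcpdumplog !~ /\b\Q$spoofipaddr\E is-at/, "tcpdump expected to capture no arp reply packets");`.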