[PATCH nft] Add test cases for tproxy support

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Signed-off-by: Máté Eckl <ecklm94@xxxxxxxxx>
---
 tests/py/inet/tproxy.t         | 11 +++++++
 tests/py/inet/tproxy.t.payload | 59 ++++++++++++++++++++++++++++++++++
 tests/py/ip/tproxy.t           | 12 +++++++
 tests/py/ip/tproxy.t.payload   | 24 ++++++++++++++
 tests/py/ip6/tproxy.t          | 13 ++++++++
 tests/py/ip6/tproxy.t.payload  | 24 ++++++++++++++
 6 files changed, 143 insertions(+)
 create mode 100644 tests/py/inet/tproxy.t
 create mode 100644 tests/py/inet/tproxy.t.payload
 create mode 100644 tests/py/ip/tproxy.t
 create mode 100644 tests/py/ip/tproxy.t.payload
 create mode 100644 tests/py/ip6/tproxy.t
 create mode 100644 tests/py/ip6/tproxy.t.payload

diff --git a/tests/py/inet/tproxy.t b/tests/py/inet/tproxy.t
new file mode 100644
index 0000000..d71e720
--- /dev/null
+++ b/tests/py/inet/tproxy.t
@@ -0,0 +1,11 @@
+:y;type filter hook prerouting priority -150
+
+*inet;x;y
+
+tproxy;ok
+tproxy to 192.0.2.1;ok
+tproxy to [2001:db8::1];ok
+meta l4proto 6 tproxy to :50080;ok
+meta l4proto 6 tproxy to 192.0.2.1:50080;ok
+meta l4proto 6 tproxy to [2001:db8::1]:50080;ok
+tproxy to :50080;fail
diff --git a/tests/py/inet/tproxy.t.payload b/tests/py/inet/tproxy.t.payload
new file mode 100644
index 0000000..eab89f8
--- /dev/null
+++ b/tests/py/inet/tproxy.t.payload
@@ -0,0 +1,59 @@
+# tproxy
+inet x y 
+  [ tproxy tproxy inet ]
+
+# tproxy to 192.0.2.1
+inet x y 
+  [ immediate reg 1 0x010200c0 ]
+  [ tproxy tproxy ip addr reg 1 ]
+
+# tproxy to [2001:db8::1]
+inet x y 
+  [ immediate reg 1 0xb80d0120 0x00000000 0x00000000 0x01000000 ]
+  [ tproxy tproxy ip6 addr reg 1 ]
+
+# meta l4proto tcp tproxy to :50080
+inet x y 
+  [ meta load l4proto => reg 1 ]
+  [ cmp eq reg 1 0x00000006 ]
+  [ immediate reg 1 0x0000a0c3 ]
+  [ tproxy tproxy inet port reg 1 ]
+
+# meta l4proto tcp tproxy to 192.0.2.1:50080
+inet x y 
+  [ meta load l4proto => reg 1 ]
+  [ cmp eq reg 1 0x00000006 ]
+  [ immediate reg 1 0x010200c0 ]
+  [ immediate reg 2 0x0000a0c3 ]
+  [ tproxy tproxy ip addr reg 1 port reg 2 ]
+
+# meta l4proto tcp tproxy to [2001:db8::1]:50080
+inet x y 
+  [ meta load l4proto => reg 1 ]
+  [ cmp eq reg 1 0x00000006 ]
+  [ immediate reg 1 0xb80d0120 0x00000000 0x00000000 0x01000000 ]
+  [ immediate reg 2 0x0000a0c3 ]
+  [ tproxy tproxy ip6 addr reg 1 port reg 2 ]
+
+# meta l4proto 6 tproxy to :50080
+inet x y 
+  [ meta load l4proto => reg 1 ]
+  [ cmp eq reg 1 0x00000006 ]
+  [ immediate reg 1 0x0000a0c3 ]
+  [ tproxy tproxy inet port reg 1 ]
+
+# meta l4proto 6 tproxy to 192.0.2.1:50080
+inet x y 
+  [ meta load l4proto => reg 1 ]
+  [ cmp eq reg 1 0x00000006 ]
+  [ immediate reg 1 0x010200c0 ]
+  [ immediate reg 2 0x0000a0c3 ]
+  [ tproxy tproxy ip addr reg 1 port reg 2 ]
+
+# meta l4proto 6 tproxy to [2001:db8::1]:50080
+inet x y 
+  [ meta load l4proto => reg 1 ]
+  [ cmp eq reg 1 0x00000006 ]
+  [ immediate reg 1 0xb80d0120 0x00000000 0x00000000 0x01000000 ]
+  [ immediate reg 2 0x0000a0c3 ]
+  [ tproxy tproxy ip6 addr reg 1 port reg 2 ]
diff --git a/tests/py/ip/tproxy.t b/tests/py/ip/tproxy.t
new file mode 100644
index 0000000..f7d999f
--- /dev/null
+++ b/tests/py/ip/tproxy.t
@@ -0,0 +1,12 @@
+:y;type filter hook prerouting priority -150
+
+*ip;x;y
+
+tproxy;ok
+tproxy to 192.0.2.1;ok
+tproxy to [2001:db8::1];fail
+meta l4proto 6 tproxy to :50080;ok
+meta l4proto 6 tproxy to 192.0.2.1:50080;ok
+meta l4proto 6 tproxy to [2001:db8::1]:50080;fail
+tproxy to :50080;fail
+
diff --git a/tests/py/ip/tproxy.t.payload b/tests/py/ip/tproxy.t.payload
new file mode 100644
index 0000000..d692ef8
--- /dev/null
+++ b/tests/py/ip/tproxy.t.payload
@@ -0,0 +1,24 @@
+# tproxy
+ip x y 
+  [ tproxy tproxy ip ]
+
+# tproxy to 192.0.2.1
+ip x y 
+  [ immediate reg 1 0x010200c0 ]
+  [ tproxy tproxy ip addr reg 1 ]
+
+# meta l4proto 6 tproxy to :50080
+ip x y 
+  [ meta load l4proto => reg 1 ]
+  [ cmp eq reg 1 0x00000006 ]
+  [ immediate reg 1 0x0000a0c3 ]
+  [ tproxy tproxy ip port reg 1 ]
+
+# meta l4proto 6 tproxy to 192.0.2.1:50080
+ip x y 
+  [ meta load l4proto => reg 1 ]
+  [ cmp eq reg 1 0x00000006 ]
+  [ immediate reg 1 0x010200c0 ]
+  [ immediate reg 2 0x0000a0c3 ]
+  [ tproxy tproxy ip addr reg 1 port reg 2 ]
+
diff --git a/tests/py/ip6/tproxy.t b/tests/py/ip6/tproxy.t
new file mode 100644
index 0000000..a58e68c
--- /dev/null
+++ b/tests/py/ip6/tproxy.t
@@ -0,0 +1,13 @@
+:y;type filter hook prerouting priority -150
+
+*ip6;x;y
+
+tproxy;ok
+tproxy to 192.0.2.1;fail
+tproxy to [2001:db8::1];ok
+meta l4proto 6 tproxy to :50080;ok
+meta l4proto 6 tproxy to 192.0.2.1:50080;fail
+meta l4proto 6 tproxy to [2001:db8::1]:50080;ok
+tproxy to :50080;fail
+
+
diff --git a/tests/py/ip6/tproxy.t.payload b/tests/py/ip6/tproxy.t.payload
new file mode 100644
index 0000000..3e90b7f
--- /dev/null
+++ b/tests/py/ip6/tproxy.t.payload
@@ -0,0 +1,24 @@
+# tproxy
+ip6 x y 
+  [ tproxy tproxy ip6 ]
+
+# tproxy to [2001:db8::1]
+ip6 x y 
+  [ immediate reg 1 0xb80d0120 0x00000000 0x00000000 0x01000000 ]
+  [ tproxy tproxy ip6 addr reg 1 ]
+
+# meta l4proto 6 tproxy to :50080
+ip6 x y 
+  [ meta load l4proto => reg 1 ]
+  [ cmp eq reg 1 0x00000006 ]
+  [ immediate reg 1 0x0000a0c3 ]
+  [ tproxy tproxy ip6 port reg 1 ]
+
+# meta l4proto 6 tproxy to [2001:db8::1]:50080
+ip6 x y 
+  [ meta load l4proto => reg 1 ]
+  [ cmp eq reg 1 0x00000006 ]
+  [ immediate reg 1 0xb80d0120 0x00000000 0x00000000 0x01000000 ]
+  [ immediate reg 2 0x0000a0c3 ]
+  [ tproxy tproxy ip6 addr reg 1 port reg 2 ]
+
-- 
ecklm

--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Netfitler Users]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux