add test cases for short udp hdr and truncated udp payload

This commit is contained in:
Harald Welte 2017-07-07 01:07:02 +01:00
parent cb1f17c2da
commit c0844fd4ee
1 changed files with 77 additions and 30 deletions

View File

@ -42,7 +42,9 @@ module IPL4_example {
type record pkt_info {
nfct_direction direction,
octetstring payload optional
octetstring payload,
NonNegativeInteger trunc_len,
boolean exp_pass
}
/* generate a flow_info using pre-defined default addresses + * incremented port */
@ -82,11 +84,9 @@ module IPL4_example {
if (flowi.l4_protocol == tsc_IP_Protocol_UDP) {
ret := f_IPv4IPv6_AnyUdpPacket(src_ip, dst_ip, src_port, dst_port);
}
/*
if (pkti.trunc_len < lengthof(ret)) {
ret := substr(ret, 0, trunc_len);
if (pkti.trunc_len > 0 and pkti.trunc_len < lengthof(ret)) {
ret := substr(ret, 0, pkti.trunc_len);
}
*/
return ret
}
@ -151,36 +151,44 @@ module IPL4_example {
/* get a single conntrack entry derived from the specified flow_info */
//{ meta := { direction := "original", choice := { orig_repl_group := { layer3 := { protoname := "ipv4", protonum := "2", src := "1.1.1.200", dst := "2.2.2.200" }, layer4 := { protoname := "udp", protonum := "17", sport := 1001, dport := 2001 }, zone := omit, counters := omit } } }, meta_1 := { direction := "reply", choice := { orig_repl_group := { layer3 := { protoname := "ipv4", protonum := "2", src := "2.2.2.200", dst := "1.1.1.200" }, layer4 := { protoname := "udp", protonum := "17", sport := 2001, dport := 1001 }, zone := omit, counters := omit } } }, meta_2 := { direction := "independent", choice := { indep_group := { state := omit, timeout_ := 30, mark := 0, secmark := omit, zone := omit, use := 2, id := 2741869312, assured := omit, unreplied := { }, timestamp := omit, deltatime := omit } } }, when := omit }
function f_get_conntrack(flow_info flowi) return Flow {
function f_get_conntracks(flow_info flowi) return Flows {
var charstring xml := f_get_conntrack_xml(flowi.src_ip, flowi.dst_ip, flowi.l4_protocol, flowi.src_port, flowi.dst_port)
var Flows flows := dec_Flows(unichar2oct(xml));
return dec_Flows(unichar2oct(xml));
}
function f_get_conntrack(flow_info flowi) return Flow {
var Flows flows := f_get_conntracks(flowi);
return flows.flow_list[0];
}
function flow_send_pkt_tun1(flow_info flowi, pkt_info pkti) runs on dummy_CT {
var octetstring pkt := flow_gen_pkt(flowi, pkti);
TUN.send(tunmsg(pkt));
T.start;
alt {
//[] TUN2.receive(tunrcv(pkt)) { }
//[] TUN2.receive { log("unexpected receive"); repeat };
[] TUN2.receive {}
[] T.timeout { setverdict(inconc) }
if (pkti.exp_pass) {
T.start;
alt {
//[] TUN2.receive(tunrcv(pkt)) { }
//[] TUN2.receive { log("unexpected receive"); repeat };
[] TUN2.receive {}
[] T.timeout { setverdict(inconc) }
}
T.stop;
}
T.stop;
}
function flow_send_pkt_tun2(flow_info flowi, pkt_info pkti) runs on dummy_CT {
var octetstring pkt := flow_gen_pkt(flowi, pkti);
TUN2.send(tunmsg(pkt));
T.start;
alt {
//[] TUN.receive(tunrcv(pkt)) { }
//[] TUN.receive { log("unexpected"); repeat }
[] TUN.receive {}
[] T.timeout { setverdict(inconc) }
if (pkti.exp_pass) {
T.start;
alt {
//[] TUN.receive(tunrcv(pkt)) { }
//[] TUN.receive { log("unexpected"); repeat }
[] TUN.receive {}
[] T.timeout { setverdict(inconc) }
}
T.stop;
}
T.stop;
}
function get_nfct_and_match(flow_info flowi, template Flow t_flow) return boolean {
@ -194,6 +202,20 @@ module IPL4_example {
return ret;
}
function get_nfct_ensure_none(flow_info flowi) return boolean {
var Flows cts := f_get_conntracks(flowi);
var boolean ret := false;
if (lengthof(cts.flow_list) == 0) {
ret := true;
}
if (not ret) {
log("conntrack found but expected none:", cts);
setverdict(fail);
}
return ret;
}
/* apply a certain tolerance of up to 1 second in the timeout * retrieved after the packet traversed conntrack */
function timeout_range(NonNegativeInteger secs) return template NonNegativeInteger {
return (secs-1 .. secs);
@ -221,6 +243,17 @@ module IPL4_example {
log(dec_Flows(unichar2oct(xml)))
}
function pkti_gen(in nfct_direction direction, in octetstring payload := ''O,
in NonNegativeInteger trunc_len := 0, in boolean exp_pass := true) return pkt_info {
var pkt_info pkti := {
direction := direction,
payload := payload,
trunc_len := trunc_len,
exp_pass := exp_pass
};
return pkti;
}
testcase TC_udp_3way() runs on dummy_CT {
var flow_info flowi := flow_gen(get_random_port_offset())
var Flow ct;
@ -228,20 +261,20 @@ module IPL4_example {
init();
log("First packet (ORIG): We expect to create conntrack: unreplied, 30s");
flow_send_pkt_tun1(flowi, { direction := DIR_ORIG, payload := ''O })
flow_send_pkt_tun1(flowi, pkti_gen(DIR_ORIG))
t_flow := f_nfct_templ_from_flow(flowi);
t_flow.meta_2.choice.indep_group.unreplied := {};
tflow_set_timeout(t_flow, 30);
get_nfct_and_match(flowi, t_flow);
log("Second packet (REPLY): Unreplied should go, still 30s");
flow_send_pkt_tun2(flowi, { direction := DIR_REPLY, payload := ''O })
flow_send_pkt_tun2(flowi, pkti_gen(DIR_REPLY))
t_flow := f_nfct_templ_from_flow(flowi);
tflow_set_timeout(t_flow, 30);
get_nfct_and_match(flowi, t_flow);
log("Third packet (ORIG): Assured, 180s");
flow_send_pkt_tun1(flowi, { direction := DIR_ORIG, payload := ''O })
flow_send_pkt_tun1(flowi, pkti_gen(DIR_ORIG))
t_flow := f_nfct_templ_from_flow(flowi);
t_flow.meta_2.choice.indep_group.assured := {};
tflow_set_timeout(t_flow, 180);
@ -258,7 +291,7 @@ module IPL4_example {
for (i := 1; i <= 2; i := i+1) {
log("Packet (ORIG): We expect to create conntrack: unreplied, 30s");
flow_send_pkt_tun1(flowi, { direction := DIR_ORIG, payload := ''O })
flow_send_pkt_tun1(flowi, pkti_gen(DIR_ORIG))
t_flow := f_nfct_templ_from_flow(flowi);
t_flow.meta_2.choice.indep_group.unreplied := {};
tflow_set_timeout(t_flow, 30);
@ -266,13 +299,13 @@ module IPL4_example {
}
log("First (REPLY): Unreplied should go, still 30s");
flow_send_pkt_tun2(flowi, { direction := DIR_REPLY, payload := ''O })
flow_send_pkt_tun2(flowi, pkti_gen(DIR_REPLY))
t_flow := f_nfct_templ_from_flow(flowi);
tflow_set_timeout(t_flow, 30);
get_nfct_and_match(flowi, t_flow);
log("Second (REPLY): now 180s");
flow_send_pkt_tun2(flowi, { direction := DIR_REPLY, payload := ''O })
flow_send_pkt_tun2(flowi, pkti_gen(DIR_REPLY))
t_flow := f_nfct_templ_from_flow(flowi);
t_flow.meta_2.choice.indep_group.assured := {};
tflow_set_timeout(t_flow, 180);
@ -287,9 +320,22 @@ module IPL4_example {
init();
log("First packet (ORIG): We expect to create no conntrack");
flow_send_pkt_tun1(flowi, { direction := DIR_ORIG, payload := ''O})
flow_send_pkt_tun1(flowi, pkti_gen(DIR_ORIG, -, 20+5, false))
t_flow := f_nfct_templ_from_flow(flowi);
get_nfct_and_match(flowi, t_flow);
get_nfct_ensure_none(flowi);
setverdict(pass);
}
testcase TC_udp_shortdata() runs on dummy_CT {
var flow_info flowi := flow_gen(get_random_port_offset());
var template Flow t_flow;
init();
log("First packet (ORIG): We expect to create no conntrack");
flow_send_pkt_tun1(flowi, pkti_gen(DIR_ORIG, -, 20+8+5, false))
t_flow := f_nfct_templ_from_flow(flowi);
get_nfct_ensure_none(flowi);
setverdict(pass);
}
@ -298,6 +344,7 @@ module IPL4_example {
//execute(TC_xml());
execute(TC_udp_3way());
execute(TC_udp_uni2());
//execute(TC_udp_shorthdr());
execute(TC_udp_shorthdr());
execute(TC_udp_shortdata());
}
}