add test cases for short udp hdr and truncated udp payload
This commit is contained in:
parent
cb1f17c2da
commit
c0844fd4ee
|
@ -42,7 +42,9 @@ module IPL4_example {
|
|||
|
||||
type record pkt_info {
|
||||
nfct_direction direction,
|
||||
octetstring payload optional
|
||||
octetstring payload,
|
||||
NonNegativeInteger trunc_len,
|
||||
boolean exp_pass
|
||||
}
|
||||
|
||||
/* generate a flow_info using pre-defined default addresses + * incremented port */
|
||||
|
@ -82,11 +84,9 @@ module IPL4_example {
|
|||
if (flowi.l4_protocol == tsc_IP_Protocol_UDP) {
|
||||
ret := f_IPv4IPv6_AnyUdpPacket(src_ip, dst_ip, src_port, dst_port);
|
||||
}
|
||||
/*
|
||||
if (pkti.trunc_len < lengthof(ret)) {
|
||||
ret := substr(ret, 0, trunc_len);
|
||||
if (pkti.trunc_len > 0 and pkti.trunc_len < lengthof(ret)) {
|
||||
ret := substr(ret, 0, pkti.trunc_len);
|
||||
}
|
||||
*/
|
||||
return ret
|
||||
}
|
||||
|
||||
|
@ -151,36 +151,44 @@ module IPL4_example {
|
|||
|
||||
/* get a single conntrack entry derived from the specified flow_info */
|
||||
//{ meta := { direction := "original", choice := { orig_repl_group := { layer3 := { protoname := "ipv4", protonum := "2", src := "1.1.1.200", dst := "2.2.2.200" }, layer4 := { protoname := "udp", protonum := "17", sport := 1001, dport := 2001 }, zone := omit, counters := omit } } }, meta_1 := { direction := "reply", choice := { orig_repl_group := { layer3 := { protoname := "ipv4", protonum := "2", src := "2.2.2.200", dst := "1.1.1.200" }, layer4 := { protoname := "udp", protonum := "17", sport := 2001, dport := 1001 }, zone := omit, counters := omit } } }, meta_2 := { direction := "independent", choice := { indep_group := { state := omit, timeout_ := 30, mark := 0, secmark := omit, zone := omit, use := 2, id := 2741869312, assured := omit, unreplied := { }, timestamp := omit, deltatime := omit } } }, when := omit }
|
||||
function f_get_conntrack(flow_info flowi) return Flow {
|
||||
function f_get_conntracks(flow_info flowi) return Flows {
|
||||
var charstring xml := f_get_conntrack_xml(flowi.src_ip, flowi.dst_ip, flowi.l4_protocol, flowi.src_port, flowi.dst_port)
|
||||
var Flows flows := dec_Flows(unichar2oct(xml));
|
||||
return dec_Flows(unichar2oct(xml));
|
||||
}
|
||||
|
||||
function f_get_conntrack(flow_info flowi) return Flow {
|
||||
var Flows flows := f_get_conntracks(flowi);
|
||||
return flows.flow_list[0];
|
||||
}
|
||||
|
||||
function flow_send_pkt_tun1(flow_info flowi, pkt_info pkti) runs on dummy_CT {
|
||||
var octetstring pkt := flow_gen_pkt(flowi, pkti);
|
||||
TUN.send(tunmsg(pkt));
|
||||
T.start;
|
||||
alt {
|
||||
//[] TUN2.receive(tunrcv(pkt)) { }
|
||||
//[] TUN2.receive { log("unexpected receive"); repeat };
|
||||
[] TUN2.receive {}
|
||||
[] T.timeout { setverdict(inconc) }
|
||||
if (pkti.exp_pass) {
|
||||
T.start;
|
||||
alt {
|
||||
//[] TUN2.receive(tunrcv(pkt)) { }
|
||||
//[] TUN2.receive { log("unexpected receive"); repeat };
|
||||
[] TUN2.receive {}
|
||||
[] T.timeout { setverdict(inconc) }
|
||||
}
|
||||
T.stop;
|
||||
}
|
||||
T.stop;
|
||||
}
|
||||
|
||||
function flow_send_pkt_tun2(flow_info flowi, pkt_info pkti) runs on dummy_CT {
|
||||
var octetstring pkt := flow_gen_pkt(flowi, pkti);
|
||||
TUN2.send(tunmsg(pkt));
|
||||
T.start;
|
||||
alt {
|
||||
//[] TUN.receive(tunrcv(pkt)) { }
|
||||
//[] TUN.receive { log("unexpected"); repeat }
|
||||
[] TUN.receive {}
|
||||
[] T.timeout { setverdict(inconc) }
|
||||
if (pkti.exp_pass) {
|
||||
T.start;
|
||||
alt {
|
||||
//[] TUN.receive(tunrcv(pkt)) { }
|
||||
//[] TUN.receive { log("unexpected"); repeat }
|
||||
[] TUN.receive {}
|
||||
[] T.timeout { setverdict(inconc) }
|
||||
}
|
||||
T.stop;
|
||||
}
|
||||
T.stop;
|
||||
}
|
||||
|
||||
function get_nfct_and_match(flow_info flowi, template Flow t_flow) return boolean {
|
||||
|
@ -194,6 +202,20 @@ module IPL4_example {
|
|||
return ret;
|
||||
}
|
||||
|
||||
function get_nfct_ensure_none(flow_info flowi) return boolean {
|
||||
var Flows cts := f_get_conntracks(flowi);
|
||||
var boolean ret := false;
|
||||
if (lengthof(cts.flow_list) == 0) {
|
||||
ret := true;
|
||||
}
|
||||
if (not ret) {
|
||||
log("conntrack found but expected none:", cts);
|
||||
setverdict(fail);
|
||||
}
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
||||
/* apply a certain tolerance of up to 1 second in the timeout * retrieved after the packet traversed conntrack */
|
||||
function timeout_range(NonNegativeInteger secs) return template NonNegativeInteger {
|
||||
return (secs-1 .. secs);
|
||||
|
@ -221,6 +243,17 @@ module IPL4_example {
|
|||
log(dec_Flows(unichar2oct(xml)))
|
||||
}
|
||||
|
||||
function pkti_gen(in nfct_direction direction, in octetstring payload := ''O,
|
||||
in NonNegativeInteger trunc_len := 0, in boolean exp_pass := true) return pkt_info {
|
||||
var pkt_info pkti := {
|
||||
direction := direction,
|
||||
payload := payload,
|
||||
trunc_len := trunc_len,
|
||||
exp_pass := exp_pass
|
||||
};
|
||||
return pkti;
|
||||
}
|
||||
|
||||
testcase TC_udp_3way() runs on dummy_CT {
|
||||
var flow_info flowi := flow_gen(get_random_port_offset())
|
||||
var Flow ct;
|
||||
|
@ -228,20 +261,20 @@ module IPL4_example {
|
|||
init();
|
||||
|
||||
log("First packet (ORIG): We expect to create conntrack: unreplied, 30s");
|
||||
flow_send_pkt_tun1(flowi, { direction := DIR_ORIG, payload := ''O })
|
||||
flow_send_pkt_tun1(flowi, pkti_gen(DIR_ORIG))
|
||||
t_flow := f_nfct_templ_from_flow(flowi);
|
||||
t_flow.meta_2.choice.indep_group.unreplied := {};
|
||||
tflow_set_timeout(t_flow, 30);
|
||||
get_nfct_and_match(flowi, t_flow);
|
||||
|
||||
log("Second packet (REPLY): Unreplied should go, still 30s");
|
||||
flow_send_pkt_tun2(flowi, { direction := DIR_REPLY, payload := ''O })
|
||||
flow_send_pkt_tun2(flowi, pkti_gen(DIR_REPLY))
|
||||
t_flow := f_nfct_templ_from_flow(flowi);
|
||||
tflow_set_timeout(t_flow, 30);
|
||||
get_nfct_and_match(flowi, t_flow);
|
||||
|
||||
log("Third packet (ORIG): Assured, 180s");
|
||||
flow_send_pkt_tun1(flowi, { direction := DIR_ORIG, payload := ''O })
|
||||
flow_send_pkt_tun1(flowi, pkti_gen(DIR_ORIG))
|
||||
t_flow := f_nfct_templ_from_flow(flowi);
|
||||
t_flow.meta_2.choice.indep_group.assured := {};
|
||||
tflow_set_timeout(t_flow, 180);
|
||||
|
@ -258,7 +291,7 @@ module IPL4_example {
|
|||
|
||||
for (i := 1; i <= 2; i := i+1) {
|
||||
log("Packet (ORIG): We expect to create conntrack: unreplied, 30s");
|
||||
flow_send_pkt_tun1(flowi, { direction := DIR_ORIG, payload := ''O })
|
||||
flow_send_pkt_tun1(flowi, pkti_gen(DIR_ORIG))
|
||||
t_flow := f_nfct_templ_from_flow(flowi);
|
||||
t_flow.meta_2.choice.indep_group.unreplied := {};
|
||||
tflow_set_timeout(t_flow, 30);
|
||||
|
@ -266,13 +299,13 @@ module IPL4_example {
|
|||
}
|
||||
|
||||
log("First (REPLY): Unreplied should go, still 30s");
|
||||
flow_send_pkt_tun2(flowi, { direction := DIR_REPLY, payload := ''O })
|
||||
flow_send_pkt_tun2(flowi, pkti_gen(DIR_REPLY))
|
||||
t_flow := f_nfct_templ_from_flow(flowi);
|
||||
tflow_set_timeout(t_flow, 30);
|
||||
get_nfct_and_match(flowi, t_flow);
|
||||
|
||||
log("Second (REPLY): now 180s");
|
||||
flow_send_pkt_tun2(flowi, { direction := DIR_REPLY, payload := ''O })
|
||||
flow_send_pkt_tun2(flowi, pkti_gen(DIR_REPLY))
|
||||
t_flow := f_nfct_templ_from_flow(flowi);
|
||||
t_flow.meta_2.choice.indep_group.assured := {};
|
||||
tflow_set_timeout(t_flow, 180);
|
||||
|
@ -287,9 +320,22 @@ module IPL4_example {
|
|||
init();
|
||||
|
||||
log("First packet (ORIG): We expect to create no conntrack");
|
||||
flow_send_pkt_tun1(flowi, { direction := DIR_ORIG, payload := ''O})
|
||||
flow_send_pkt_tun1(flowi, pkti_gen(DIR_ORIG, -, 20+5, false))
|
||||
t_flow := f_nfct_templ_from_flow(flowi);
|
||||
get_nfct_and_match(flowi, t_flow);
|
||||
get_nfct_ensure_none(flowi);
|
||||
|
||||
setverdict(pass);
|
||||
}
|
||||
|
||||
testcase TC_udp_shortdata() runs on dummy_CT {
|
||||
var flow_info flowi := flow_gen(get_random_port_offset());
|
||||
var template Flow t_flow;
|
||||
init();
|
||||
|
||||
log("First packet (ORIG): We expect to create no conntrack");
|
||||
flow_send_pkt_tun1(flowi, pkti_gen(DIR_ORIG, -, 20+8+5, false))
|
||||
t_flow := f_nfct_templ_from_flow(flowi);
|
||||
get_nfct_ensure_none(flowi);
|
||||
|
||||
setverdict(pass);
|
||||
}
|
||||
|
@ -298,6 +344,7 @@ module IPL4_example {
|
|||
//execute(TC_xml());
|
||||
execute(TC_udp_3way());
|
||||
execute(TC_udp_uni2());
|
||||
//execute(TC_udp_shorthdr());
|
||||
execute(TC_udp_shorthdr());
|
||||
execute(TC_udp_shortdata());
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue