linux/tools/testing/selftests/net/fib_rule_tests.sh
<<
>>
Prefs 
   1#!/bin/bash
   2# SPDX-License-Identifier: GPL-2.0
   3
   4# This test is for checking IPv4 and IPv6 FIB rules API
   5
   6# Kselftest framework requirement - SKIP code is 4.
   7ksft_skip=4
   8
   9ret=0
  10
  11PAUSE_ON_FAIL=${PAUSE_ON_FAIL:=no}
  12IP="ip -netns testns"
  13
  14RTABLE=100
  15GW_IP4=192.51.100.2
  16SRC_IP=192.51.100.3
  17GW_IP6=2001:db8:1::2
  18SRC_IP6=2001:db8:1::3
  19
  20DEV_ADDR=192.51.100.1
  21DEV_ADDR6=2001:db8:1::1
  22DEV=dummy0
  23
  24log_test()
  25{
  26        local rc=$1
  27        local expected=$2
  28        local msg="$3"
  29
  30        if [ ${rc} -eq ${expected} ]; then
  31                nsuccess=$((nsuccess+1))
  32                printf "\n    TEST: %-50s  [ OK ]\n" "${msg}"
  33        else
  34                ret=1
  35                nfail=$((nfail+1))
  36                printf "\n    TEST: %-50s  [FAIL]\n" "${msg}"
  37                if [ "${PAUSE_ON_FAIL}" = "yes" ]; then
  38                        echo
  39                        echo "hit enter to continue, 'q' to quit"
  40                        read a
  41                        [ "$a" = "q" ] && exit 1
  42                fi
  43        fi
  44}
  45
  46log_section()
  47{
  48        echo
  49        echo "######################################################################"
  50        echo "TEST SECTION: $*"
  51        echo "######################################################################"
  52}
  53
  54setup()
  55{
  56        set -e
  57        ip netns add testns
  58        $IP link set dev lo up
  59
  60        $IP link add dummy0 type dummy
  61        $IP link set dev dummy0 up
  62        $IP address add $DEV_ADDR/24 dev dummy0
  63        $IP -6 address add $DEV_ADDR6/64 dev dummy0
  64
  65        set +e
  66}
  67
  68cleanup()
  69{
  70        $IP link del dev dummy0 &> /dev/null
  71        ip netns del testns
  72}
  73
  74fib_check_iproute_support()
  75{
  76        ip rule help 2>&1 | grep -q $1
  77        if [ $? -ne 0 ]; then
  78                echo "SKIP: iproute2 iprule too old, missing $1 match"
  79                return 1
  80        fi
  81
  82        ip route get help 2>&1 | grep -q $2
  83        if [ $? -ne 0 ]; then
  84                echo "SKIP: iproute2 get route too old, missing $2 match"
  85                return 1
  86        fi
  87
  88        return 0
  89}
  90
  91fib_rule6_del()
  92{
  93        $IP -6 rule del $1
  94        log_test $? 0 "rule6 del $1"
  95}
  96
  97fib_rule6_del_by_pref()
  98{
  99        pref=$($IP -6 rule show | grep "$1 lookup $TABLE" | cut -d ":" -f 1)
 100        $IP -6 rule del pref $pref
 101}
 102
 103fib_rule6_test_match_n_redirect()
 104{
 105        local match="$1"
 106        local getmatch="$2"
 107
 108        $IP -6 rule add $match table $RTABLE
 109        $IP -6 route get $GW_IP6 $getmatch | grep -q "table $RTABLE"
 110        log_test $? 0 "rule6 check: $1"
 111
 112        fib_rule6_del_by_pref "$match"
 113        log_test $? 0 "rule6 del by pref: $match"
 114}
 115
 116fib_rule6_test()
 117{
 118        # setup the fib rule redirect route
 119        $IP -6 route add table $RTABLE default via $GW_IP6 dev $DEV onlink
 120
 121        match="oif $DEV"
 122        fib_rule6_test_match_n_redirect "$match" "$match" "oif redirect to table"
 123
 124        match="from $SRC_IP6 iif $DEV"
 125        fib_rule6_test_match_n_redirect "$match" "$match" "iif redirect to table"
 126
 127        match="tos 0x10"
 128        fib_rule6_test_match_n_redirect "$match" "$match" "tos redirect to table"
 129
 130        match="fwmark 0x64"
 131        getmatch="mark 0x64"
 132        fib_rule6_test_match_n_redirect "$match" "$getmatch" "fwmark redirect to table"
 133
 134        fib_check_iproute_support "uidrange" "uid"
 135        if [ $? -eq 0 ]; then
 136                match="uidrange 100-100"
 137                getmatch="uid 100"
 138                fib_rule6_test_match_n_redirect "$match" "$getmatch" "uid redirect to table"
 139        fi
 140
 141        fib_check_iproute_support "sport" "sport"
 142        if [ $? -eq 0 ]; then
 143                match="sport 666 dport 777"
 144                fib_rule6_test_match_n_redirect "$match" "$match" "sport and dport redirect to table"
 145        fi
 146
 147        fib_check_iproute_support "ipproto" "ipproto"
 148        if [ $? -eq 0 ]; then
 149                match="ipproto tcp"
 150                fib_rule6_test_match_n_redirect "$match" "$match" "ipproto match"
 151        fi
 152
 153        fib_check_iproute_support "ipproto" "ipproto"
 154        if [ $? -eq 0 ]; then
 155                match="ipproto ipv6-icmp"
 156                fib_rule6_test_match_n_redirect "$match" "$match" "ipproto ipv6-icmp match"
 157        fi
 158}
 159
 160fib_rule4_del()
 161{
 162        $IP rule del $1
 163        log_test $? 0 "del $1"
 164}
 165
 166fib_rule4_del_by_pref()
 167{
 168        pref=$($IP rule show | grep "$1 lookup $TABLE" | cut -d ":" -f 1)
 169        $IP rule del pref $pref
 170}
 171
 172fib_rule4_test_match_n_redirect()
 173{
 174        local match="$1"
 175        local getmatch="$2"
 176
 177        $IP rule add $match table $RTABLE
 178        $IP route get $GW_IP4 $getmatch | grep -q "table $RTABLE"
 179        log_test $? 0 "rule4 check: $1"
 180
 181        fib_rule4_del_by_pref "$match"
 182        log_test $? 0 "rule4 del by pref: $match"
 183}
 184
 185fib_rule4_test()
 186{
 187        # setup the fib rule redirect route
 188        $IP route add table $RTABLE default via $GW_IP4 dev $DEV onlink
 189
 190        match="oif $DEV"
 191        fib_rule4_test_match_n_redirect "$match" "$match" "oif redirect to table"
 192
 193        # need enable forwarding and disable rp_filter temporarily as all the
 194        # addresses are in the same subnet and egress device == ingress device.
 195        ip netns exec testns sysctl -w net.ipv4.ip_forward=1
 196        ip netns exec testns sysctl -w net.ipv4.conf.$DEV.rp_filter=0
 197        match="from $SRC_IP iif $DEV"
 198        fib_rule4_test_match_n_redirect "$match" "$match" "iif redirect to table"
 199        ip netns exec testns sysctl -w net.ipv4.ip_forward=0
 200
 201        match="tos 0x10"
 202        fib_rule4_test_match_n_redirect "$match" "$match" "tos redirect to table"
 203
 204        match="fwmark 0x64"
 205        getmatch="mark 0x64"
 206        fib_rule4_test_match_n_redirect "$match" "$getmatch" "fwmark redirect to table"
 207
 208        fib_check_iproute_support "uidrange" "uid"
 209        if [ $? -eq 0 ]; then
 210                match="uidrange 100-100"
 211                getmatch="uid 100"
 212                fib_rule4_test_match_n_redirect "$match" "$getmatch" "uid redirect to table"
 213        fi
 214
 215        fib_check_iproute_support "sport" "sport"
 216        if [ $? -eq 0 ]; then
 217                match="sport 666 dport 777"
 218                fib_rule4_test_match_n_redirect "$match" "$match" "sport and dport redirect to table"
 219        fi
 220
 221        fib_check_iproute_support "ipproto" "ipproto"
 222        if [ $? -eq 0 ]; then
 223                match="ipproto tcp"
 224                fib_rule4_test_match_n_redirect "$match" "$match" "ipproto tcp match"
 225        fi
 226
 227        fib_check_iproute_support "ipproto" "ipproto"
 228        if [ $? -eq 0 ]; then
 229                match="ipproto icmp"
 230                fib_rule4_test_match_n_redirect "$match" "$match" "ipproto icmp match"
 231        fi
 232}
 233
 234run_fibrule_tests()
 235{
 236        log_section "IPv4 fib rule"
 237        fib_rule4_test
 238        log_section "IPv6 fib rule"
 239        fib_rule6_test
 240}
 241
 242if [ "$(id -u)" -ne 0 ];then
 243        echo "SKIP: Need root privileges"
 244        exit $ksft_skip
 245fi
 246
 247if [ ! -x "$(command -v ip)" ]; then
 248        echo "SKIP: Could not run test without ip tool"
 249        exit $ksft_skip
 250fi
 251
 252# start clean
 253cleanup &> /dev/null
 254setup
 255run_fibrule_tests
 256cleanup
 257
 258if [ "$TESTS" != "none" ]; then
 259        printf "\nTests passed: %3d\n" ${nsuccess}
 260        printf "Tests failed: %3d\n"   ${nfail}
 261fi
 262
 263exit $ret
 264
Hosted by Missing Link Electronics. The original LXR software by the LXR community, this experimental version by lxr@linux.no.