git: 8925a302a31a - stable/12 - tests/libalias: Portrange

From: Lutz Donnerhacke <donner_at_FreeBSD.org>
Date: Mon, 03 Jan 2022 12:56:14 UTC
The branch stable/12 has been updated by donner:

URL: https://cgit.FreeBSD.org/src/commit/?id=8925a302a31a5510d57b017cf8583b719f2ea623

commit 8925a302a31a5510d57b017cf8583b719f2ea623
Author:     Lutz Donnerhacke <donner@FreeBSD.org>
AuthorDate: 2021-07-03 22:28:20 +0000
Commit:     Lutz Donnerhacke <donner@FreeBSD.org>
CommitDate: 2022-01-03 11:50:10 +0000

    tests/libalias: Portrange
    
    Test ranges of allowed ports for aliasing.
     - Explicit default like ipfw(8) is doing
     - Regular range
     - Exhausting a very small range
     - Recovery
    
    Includes a fix of a utility macro, which was not used before.
    
    Differential Revision: https://reviews.freebsd.org/D31012
    
    (cherry picked from commit 2c733b50c5a99cbe4f6eef437e1e3efd720ba306)
---
 tests/sys/netinet/libalias/2_natout.c | 55 +++++++++++++++++++++++++++++++++++
 tests/sys/netinet/libalias/util.h     |  4 +--
 2 files changed, 57 insertions(+), 2 deletions(-)

diff --git a/tests/sys/netinet/libalias/2_natout.c b/tests/sys/netinet/libalias/2_natout.c
index 2b6da8f597ed..4dfffdc055e2 100644
--- a/tests/sys/netinet/libalias/2_natout.c
+++ b/tests/sys/netinet/libalias/2_natout.c
@@ -305,6 +305,60 @@ ATF_TC_BODY(7_stress, dummy)
 	LibAliasUninit(la);
 }
 
+ATF_TC_WITHOUT_HEAD(8_portrange);
+ATF_TC_BODY(8_portrange, dummy)
+{
+	struct libalias *la = LibAliasInit(NULL);
+	struct ip  *po;
+	struct udphdr *uo;
+	uint16_t sport = 0x1234;
+	uint16_t dport = 0x5678;
+	uint16_t aport;
+
+	ATF_REQUIRE(la != NULL);
+	LibAliasSetAddress(la, masq);
+	LibAliasSetMode(la, 0, ~0);
+	po = ip_packet(0, 64);
+
+	LibAliasSetAliasPortRange(la, 0, 0); /* reinit like ipfw */
+	UDP_NAT_CHECK(po, uo, prv1, sport, ext, dport, masq);
+	aport = ntohs(uo->uh_sport);
+	ATF_CHECK(aport >= 0x8000);
+
+	/* Different larger range */
+	LibAliasSetAliasPortRange(la, 2000, 3000);
+	dport++;
+	UDP_NAT_CHECK(po, uo, prv1, sport, ext, dport, masq);
+	aport = ntohs(uo->uh_sport);
+	ATF_CHECK(aport >= 2000 && aport < 3000);
+
+	/* Different small range (contains two ports) */
+	LibAliasSetAliasPortRange(la, 4000, 4001);
+	dport++;
+	UDP_NAT_CHECK(po, uo, prv1, sport, ext, dport, masq);
+	aport = ntohs(uo->uh_sport);
+	ATF_CHECK(aport >= 4000 && aport <= 4001);
+
+	sport++;
+	UDP_NAT_CHECK(po, uo, prv1, sport, ext, dport, masq);
+	aport = ntohs(uo->uh_sport);
+	ATF_CHECK(aport >= 4000 && aport <= 4001);
+
+	/* Third port not available in the range */
+	sport++;
+	UDP_NAT_FAIL(po, uo, prv1, sport, ext, dport);
+
+	/* Back to normal */
+	LibAliasSetAliasPortRange(la, 0, 0);
+	dport++;
+	UDP_NAT_CHECK(po, uo, prv1, sport, ext, dport, masq);
+	aport = ntohs(uo->uh_sport);
+	ATF_CHECK(aport >= 0x8000);
+
+	free(po);
+	LibAliasUninit(la);
+}
+
 ATF_TP_ADD_TCS(natout)
 {
 	/* Use "dd if=/dev/random bs=2 count=1 | od -x" to reproduce */
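Review bot: The upper bound is checked inconsistently in 8_portrange: after `LibAliasSetAliasPortRange(la, 2000, 3000)` the test asserts `aport < 3000`, while the 4000-4001 case asserts `aport <= 4001` and its comment says that range contains two ports, i.e. the high port is included. If the range is inclusive, an alias port of exactly 3000 is a legitimate result and the test would fail intermittently; `ATF_CHECK(aport >= 2000 && aport <= 3000);` matches the semantics the small-range case relies on. A short comment stating that both bounds are inclusive would also make the exhaustion step (the third flow must fail) easier to follow.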
@@ -317,6 +371,7 @@ ATF_TP_ADD_TCS(natout)
 	ATF_TP_ADD_TC(natout, 5_sameport);
 	ATF_TP_ADD_TC(natout, 6_cleartable);
 	ATF_TP_ADD_TC(natout, 7_stress);
+	ATF_TP_ADD_TC(natout, 8_portrange);
 
 	return atf_no_error();
 }
diff --git a/tests/sys/netinet/libalias/util.h b/tests/sys/netinet/libalias/util.h
index fcec225af658..786e48e41f37 100644
--- a/tests/sys/netinet/libalias/util.h
+++ b/tests/sys/netinet/libalias/util.h
@@ -80,7 +80,7 @@ rand_range(int min, int max)
 	pip->ip_src = src;			\
 	pip->ip_dst = dst;			\
 	res = LibAliasOut(la, pip, len);	\
-	ATF_CHECK_MSG(res != PKT_ALIAS_OK),	\
+	ATF_CHECK_MSG(res != PKT_ALIAS_OK,	\
 	    ">%d< not met !PKT_ALIAS_OK", res);	\
 	ATF_CHECK(addr_eq(src, pip->ip_src));	\
 	ATF_CHECK(addr_eq(dst, pip->ip_dst));	\
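Review bot: The assertion `res != PKT_ALIAS_OK` passes for any other result, so the exhausted-range case in 8_portrange cannot tell an error return apart from a packet the library merely ignored. The two `addr_eq` checks that follow show the packet keeps its original source address on this path, so whether a caller drops or forwards the untranslated packet rests entirely on the result code. It would be worth pinning the expected code for the exhaustion case, or at least documenting the contract above the macro, e.g. `/* any result other than PKT_ALIAS_OK counts as failure; src/dst must be left untouched */`. The macro's `#define` line lies outside this hunk, so its name and parameters are inferred from the UDP_NAT_FAIL caller.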
@@ -118,7 +118,7 @@ rand_range(int min, int max)
 
 #define UDP_NAT_FAIL(p, u, si, sp, di, dp)	do {	\
 	u = set_udp(p, (sp), (dp));			\
-	NAT_FAIL(p, (si), (mi));			\
+	NAT_FAIL(p, (si), (di));			\
 } while(0)
 
 #define UDP_UNNAT_CHECK(p, u, si, sp, mi, mp, di, dp)	\
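Review bot: UDP_NAT_FAIL verifies only what NAT_FAIL verifies, and the part of NAT_FAIL visible in the previous hunk compares the IP addresses but not the UDP ports. A failed translation that had already rewritten `uh_sport` would therefore go unnoticed. Adding `ATF_CHECK(u->uh_sport == htons(sp));` after the `NAT_FAIL(p, (si), (di));` line would cover it, assuming set_udp stores the ports in network byte order as the `ntohs(uo->uh_sport)` reads in 8_portrange suggest.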